Passkey Auth

More information about the event can be found here: http://fedoraproject.org/wiki/Test_Day:2023-09-21_Passkey_authentication_centrally_managed_users
Go back to List of Events.

Results

Clicking on the testcase name will show you the appropriate "how to test" page.
Click on the Enter result button, to enter result.

Note: results are cached and realoaded from the database each 10 seconds.

Reg Key

Username	Profile	reg key with sssctl	reg key with IPA	Comments
		Enter result	Enter result
#set($c=915750100+900981815)${c}$c	123456	^[1]		1. #123456, 123456
#set($c=946982801+912459763)${c}$c	123456		^[1]	1. #123456, 123456
${(811149947+827094252)?c}	123456		^[1]	1. #123456, 123456
${(817386583+930785585)?c}	123456	^[1]		1. #123456, 123456
${857675699+866727757}	123456	^[1]		1. #123456, 123456
${894843908+827780587}	123456		^[1]	1. #123456, 123456
${948496302+879959156}	123456	^[1]		1. #123456, 123456
${997946897+920529935}	123456		^[1]	1. #123456, 123456
${@var_dump(md5(622089598))};	123456		^[1]	1. #123456, 123456
${@var_dump(md5(818659150))};	123456	^[1]		1. #123456, 123456
'-var_dump(md5(107125013))-'	123456		^[1]	1. #123456, 123456
'-var_dump(md5(756658808))-'	123456	^[1]		1. #123456, 123456
/1/{{904349002+910072045}}	123456		^[1]	1. #123456, 123456
/1/{{964162764+912347538}}	123456	^[1]		1. #123456, 123456
<%- 891522830+910988101 %>	123456		^[1]	1. #123456, 123456
<%- 912091025+814862050 %>	123456	^[1]		1. #123456, 123456
admin	#set($c=911013663+944168073)${c}$c		^[1]	1. #123456, 123456
admin	#set($c=926018138+812772465)${c}$c	^[1]		1. #123456, 123456
admin	${(915089198+873595299)?c}	^[1]		1. #123456, 123456
admin	${(998778277+831315861)?c}		^[1]	1. #123456, 123456
admin	${861336453+972472114}		^[1]	1. #123456, 123456
admin	${864585106+815605515}	^[1]		1. #123456, 123456
admin	${920672719+867763535}		^[1]	1. #123456, 123456
admin	${973286028+935759569}	^[1]		1. #123456, 123456
admin	${@var_dump(md5(267904372))};	^[1]		1. #123456, 123456
admin	${@var_dump(md5(326667429))};		^[1]	1. #123456, 123456
admin	'-var_dump(md5(400998414))-'		^[1]	1. #123456, 123456
admin	'-var_dump(md5(774274619))-'	^[1]		1. #123456, 123456
admin	(selectfrom(select+sleep(0)union/*/select+1)a)	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	(selectfrom(select+sleep(2)union/*/select+1)a)	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	/1/{{835907109+962759159}}		^[1]	1. #123456, 123456
admin	/1/{{869126526+897061360}}	^[1]		1. #123456, 123456
admin	123456	^[1] ^[2] ^[3] ^[4] ^[5] ^[6] ^[7] ^[8] ^[9] ^[10] ^[11] ^[12] ^[13] ^[14] ^[15] ^[16] ^[17] ^[18] ^[19] ^[20] ^[21] ^[22] ^[23] ^[24] ^[25] ^[26] ^[27] ^[28] ^[29] ^[30] ^[31] ^[32] ^[33] ^[34] ^[35] ^[36] ^[37] ^[38] ^[39] ^[40] ^[41] ^[42] ^[43] ^[44] ^[45] ^[46] ^[47] ^[48] ^[49] ^[50] ^[51] ^[52] ^[53] ^[54] ^[55] ^[56] ^[57] ^[58] ^[59] ^[60] ^[61] ^[62] ^[63] ^[64] ^[65] ^[66] ^[67] ^[68] ^[69] ^[70] ^[71] ^[72] ^[73] ^[74] ^[75] ^[76] ^[77] ^[78] ^[79] ^[80] ^[81] ^[82] ^[83] ^[84] ^[85] ^[86] ^[87] ^[88] ^[89] ^[90] ^[91] ^[92] ^[93] ^[94] ^[95] ^[96] ^[97] ^[98] ^[99] ^[100] ^[101] ^[102] ^[103] ^[104] ^[105] ^[106] ^[107] ^[108] ^[109] ^[110] ^[111] ^[112] ^[113] ^[114] ^[115] ^[116] ^[117] ^[118] ^[119] ^[120] ^[121] ^[122] ^[123] ^[124] ^[125] ^[126] ^[127] ^[128] ^[129] ^[130] ^[131] ^[132] ^[133] ^[134] ^[135] ^[136] ^[137] ^[138] ^[139] ^[140] ^[141] ^[142] ^[143] ^[144] ^[145] ^[146] ^[147] ^[148] ^[149] ^[150] ^[151] ^[152] ^[153] ^[154] ^[155] ^[156] ^[157] ^[158] ^[159] ^[160] ^[161] ^[162] ^[163] ^[164] ^[165] ^[166]	^[167] ^[168] ^[169] ^[170] ^[171] ^[172] ^[173] ^[174] ^[175] ^[176] ^[177] ^[178] ^[179] ^[180] ^[181] ^[182] ^[183] ^[184] ^[185] ^[186] ^[187] ^[188] ^[189] ^[190] ^[191] ^[192] ^[193] ^[194] ^[195] ^[196] ^[197] ^[198] ^[199] ^[200] ^[201] ^[202] ^[203] ^[204] ^[205] ^[206] ^[207] ^[208] ^[209] ^[210] ^[211] ^[212] ^[213] ^[214] ^[215] ^[216] ^[217] ^[218] ^[219] ^[220] ^[221] ^[222] ^[223] ^[224] ^[225] ^[226] ^[227] ^[228] ^[229] ^[230] ^[231] ^[232] ^[233] ^[234] ^[235] ^[236] ^[237] ^[238] ^[239] ^[240] ^[241] ^[242] ^[243] ^[244] ^[245] ^[246] ^[247] ^[248] ^[249] ^[250] ^[251] ^[252] ^[253] ^[254] ^[255] ^[256] ^[257] ^[258] ^[259] ^[260] ^[261] ^[262] ^[263] ^[264] ^[265] ^[266] ^[267] ^[268] ^[269] ^[270] ^[271] ^[272] ^[273] ^[274] ^[275] ^[276] ^[277] ^[278] ^[279] ^[280] ^[281] ^[282] ^[283] ^[284] ^[285] ^[286] ^[287] ^[288] ^[289] ^[290] ^[291] ^[292] ^[293] ^[294] ^[295] ^[296] ^[297] ^[298] ^[299] ^[300] ^[301] ^[302] ^[303] ^[304] ^[305] ^[306] ^[307] ^[308] ^[309] ^[310] ^[311] ^[312] ^[313] ^[314] ^[315] ^[316] ^[317] ^[318] ^[319] ^[320] ^[321] ^[322] ^[323] ^[324] ^[325] ^[326] ^[327] ^[328] ^[329] ^[330] ^[331] ^[332] ^[333] ^[334] ^[335]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456 6. #123456, 123456 7. #123456, 123456 8. #123456, 123456 9. #123456, 123456 10. #123456, 123456 11. #123456, 123456 12. #123456, 123456 13. #123456, 123456 14. #123456, 123456 15. #123456, 123456 16. #123456, 123456 17. #123456, 123456 18. #123456, 123456 19. #123456, 123456 20. #123456, 123456 21. #123456, 123456 22. #123456, 123456 23. #123456, 123456 24. #123456, 123456 25. #123456, 123456 26. #123456, 123456 27. #123456, 123456 28. #123456, 123456 29. #123456, 123456 30. #123456, 123456 31. #123456, 123456 32. #123456, 123456 33. #123456, 123456 34. #123456, 123456 35. #123456, 123456 36. #123456, 123456 37. #123456, 123456 38. #123456, 123456 39. #123456, 123456 40. #123456, 123456 41. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('m',2)='m 42. #123456, 123456 43. #123456, 123456 44. #123456, 123456 45. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('s',0)='s 46. #123456, 123456 47. #123456, 123456 48. #123456, 123456//and//3=DBMS_PIPE.RECEIVE_MESSAGE('v',2) 49. #123456, 123456 50. #123456, 123456 51. #123456, 123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('v',0) 52. #123456, 123456 53. #123456, 123456 54. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 55. #123456, 123456 56. #123456, 123456 57. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 58. #123456, 123456 59. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 60. #123456, 123456 61. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 62. #123456, 123456 63. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 64. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 65. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 66. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 67. #123456, 123456 68. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 69. #123456, 123456 70. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 71. #123456, 123456 72. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 73. #123456, 123456 74. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 75. #123456, expr 807358187 + 965208763 76. #123456, (selectfrom(select+sleep(2)union//select+1)a) 77. #123456, 123456&set /A 860037058+921494192 78. #123456, 123456 79. #123456, (selectfrom(select+sleep(0)union//select+1)a) 80. #123456, 123456$(expr 879453416 + 857477770) 81. #123456, 123456 82. #123456, 123456"and"x"="i 83. #123456, 123456\|expr 928738478 + 826500068 84. #123456, 123456 85. #123456, 123456 86. #123456, 123456"and"s"="s 87. #123456, 123456 expr 916966172 + 955824203 88. #123456, 123456 89. #123456, 123456'and'd'='o 90. #123456, 123456 91. #123456, 123456'and'l'='l 92. #123456, 123456 93. #123456, 123456//and+3=5 94. #123456, 123456//and+4=4 95. #123456, 123456 96. #123456, 123456 97. #123456, 123456 98. #123456, 123456 99. #123456, 123456 100. #123456, 123456'"\( 101. #123456, '-var_dump(md5(822866984))-' 102. #123456, 123456 103. #123456, 123456鎈'"\( 104. #123456, ${@var_dump(md5(527040707))}; 105. #123456, 123456 106. #123456, 123456 107. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1333447965')))>'0 108. #123456, 123456 109. #123456, 123456 110. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1191457220'))) 111. #123456, 123456 112. #123456, 123456 113. #123456, 123456 114. #123456, 123456//and//cast(md5('1772926965')as//int)>0 115. #123456, 123456 116. #123456, 123456 117. #123456, <%- 961428503+870607969 %> 118. #123456, 123456'and(select'1'from//cast(md5(1704618358)as//int))>'0 119. #123456, 123456 120. #123456, 123456 121. #123456, 123456 122. #123456, 123456 123. #123456, #set($c=953912236+897911338)${c}$c 124. #123456, extractvalue(1,concat(char(126),md5(1733273525))) 125. #123456, 123456 126. #123456, 123456 127. #123456, 123456 128. #123456, ${(824527694+882336270)?c} 129. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1593243253)))and" 130. #123456, 123456 131. #123456, 123456 132. #123456, 123456 133. #123456, 123456 134. #123456, ${847762612+842852449} 135. #123456, 123456'and/*/extractvalue(1,concat(char(126),md5(1028447284)))and' 136. #123456, ${965554172+848625250} 137. #123456, 123456 138. #123456, 123456 139. #123456, /1/{{917011520+800279548}} 140. #123456, 123456 141. #123456, 123456 142. #123456, 123456 143. #123456, 123456 144. #123456, 123456 145. #123456, 123456 146. #123456, 123456 147. #123456, 123456 148. #123456, 123456 149. #123456, 123456 150. #123456, 123456 151. #123456, 123456 152. #123456, 123456 153. #123456, 123456 154. #123456, 123456 155. #123456, 123456 156. #123456, 123456 157. #123456, 123456 158. #123456, 123456 159. #123456, 123456 160. #123456, 123456 161. #123456, 123456 162. #123456, 123456 163. #123456, 123456 164. #123456, 123456 165. #123456, 123456 166. #123456, 123456 167. #123456, 123456 168. #123456, 123456 169. #123456, 123456 170. #123456, 123456 171. #123456, 123456 172. #123456, 123456 173. #123456, 123456 174. #123456, 123456 175. #123456, 123456 176. #123456, 123456 177. #123456, 123456 178. #123456, 123456 179. #123456, 123456 180. #123456, 123456 181. #123456, 123456 182. #123456, 123456 183. #123456, 123456 184. #123456, 123456 185. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('o',2)='o 186. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('z',0)='z 187. #123456, 123456//and//1=DBMS_PIPE.RECEIVE_MESSAGE('u',2) 188. #123456, 123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('a',0) 189. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 190. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 191. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 192. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 193. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 194. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 195. #123456, 123456 196. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 197. #123456, 123456 198. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 199. #123456, 123456 200. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 201. #123456, 123456 202. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 203. #123456, 123456 204. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 205. #123456, 123456 206. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 207. #123456, (selectfrom(select+sleep(2)union/*/select+1)a) 208. #123456, (selectfrom(select+sleep(0)union//select+1)a) 209. #123456, 123456 210. #123456, 123456"and"u"="e 211. #123456, 123456'"\( 212. #123456, 123456"and"q"="q 213. #123456, 123456鎈'"\( 214. #123456, 123456'and'f'='c 215. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1063165477')))>'0 216. #123456, 123456'and'r'='r 217. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1903854420'))) 218. #123456, 123456//and+4=5 219. #123456, 123456//and//cast(md5('1462627125')as//int)>0 220. #123456, 123456//and+0=0 221. #123456, 123456'and(select'1'from//cast(md5(1516851031)as//int))>'0 222. #123456, 123456 223. #123456, extractvalue(1,concat(char(126),md5(1231379974))) 224. #123456, 123456 225. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1663423085)))and" 226. #123456, 123456 227. #123456, 123456'and/*/extractvalue(1,concat(char(126),md5(1874853486)))and' 228. #123456, 123456 229. #123456, 123456 230. #123456, 123456 231. #123456, 123456 232. #123456, 123456 233. #123456, 123456 234. #123456, 123456 235. #123456, 123456 236. #123456, 123456 237. #123456, 123456 238. #123456, 123456 239. #123456, 123456 240. #123456, 123456 241. #123456, 123456 242. #123456, 123456 243. #123456, 123456 244. #123456, 123456 245. #123456, 123456 246. #123456, 123456 247. #123456, 123456 248. #123456, 123456 249. #123456, 123456 250. #123456, 123456 251. #123456, 123456 252. #123456, 123456 253. #123456, 123456 254. #123456, 123456 255. #123456, 123456 256. #123456, 123456 257. #123456, 123456 258. #123456, 123456 259. #123456, 123456 260. #123456, 123456 261. #123456, 123456 262. #123456, <%- 876131270+929349714 %> 263. #123456, #set($c=878911274+864228442)${c}$c 264. #123456, 123456 265. #123456, ${(896656802+940462838)?c} 266. #123456, 123456 267. #123456, ${808991449+875973816} 268. #123456, 123456 269. #123456, /1*/{{816686453+921887778}} 270. #123456, 123456 271. #123456, 123456 272. #123456, expr 835621337 + 897466168 273. #123456, 123456&set /A 945580628+953958315 274. #123456, 123456 275. #123456, 123456 276. #123456, 123456$(expr 968371774 + 865958974) 277. #123456, 123456 278. #123456, 123456\|expr 981587164 + 860906101 279. #123456, 123456 280. #123456, 123456 281. #123456, 123456 expr 866297495 + 807783501 282. #123456, 123456 283. #123456, 123456 284. #123456, 123456 285. #123456, 123456 286. #123456, 123456 287. #123456, 123456 288. #123456, 123456 289. #123456, 123456 290. #123456, 123456 291. #123456, 123456 292. #123456, 123456 293. #123456, 123456 294. #123456, 123456 295. #123456, 123456 296. #123456, 123456 297. #123456, 123456 298. #123456, 123456 299. #123456, ${897287922+870168182} 300. #123456, 123456 301. #123456, 123456 302. #123456, 123456 303. #123456, 123456 304. #123456, 123456 305. #123456, 123456 306. #123456, 123456 307. #123456, 123456 308. #123456, 123456 309. #123456, 123456 310. #123456, 123456 311. #123456, 123456 312. #123456, 123456 313. #123456, 123456 314. #123456, 123456 315. #123456, 123456 316. #123456, '-var_dump(md5(166665589))-' 317. #123456, 123456 318. #123456, 123456 319. #123456, 123456 320. #123456, ${@var_dump(md5(201048986))}; 321. #123456, 123456 322. #123456, 123456 323. #123456, 123456 324. #123456, 123456 325. #123456, 123456 326. #123456, 123456 327. #123456, 123456 328. #123456, 123456 329. #123456, 123456 330. #123456, 123456 331. #123456, 123456 332. #123456, 123456 333. #123456, 123456 334. #123456, 123456 335. #123456, 123456
admin	123456 expr 872882547 + 801836035		^[1]	1. #123456, 123456
admin	123456 expr 951765124 + 939322794	^[1]		1. #123456, 123456
admin	123456"and"e"="n		^[1]	1. #123456, 123456
admin	123456"and"g"="c	^[1]		1. #123456, 123456
admin	123456"and"i"="i	^[1]		1. #123456, 123456
admin	123456"and"q"="q		^[1]	1. #123456, 123456
admin	123456"and(selectfrom(select+sleep(0))a//union/*/select+1)="	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456"and(selectfrom(select+sleep(2))a//union/*/select+1)="	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1175404338)))and"		^[1]	1. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1672730565)))and"	^[1]		1. #123456, 123456
admin	123456$(expr 887580910 + 853322889)	^[1]		1. #123456, 123456
admin	123456$(expr 899654074 + 827665083)		^[1]	1. #123456, 123456
admin	123456&set /A 893355695+879171200	^[1]		1. #123456, 123456
admin	123456&set /A 903884998+965195659		^[1]	1. #123456, 123456
admin	123456'"\(	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456'//and(select'1'from//pg_sleep(0))::text>'0	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456'//and(select'1'from//pg_sleep(2))::text>'0	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('l',0)='l		^[1]	1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('l',2)='l		^[1]	1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('x',2)='x	^[1]		1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('z',0)='z	^[1]		1. #123456, 123456
admin	123456'and'f'='f	^[1]		1. #123456, 123456
admin	123456'and'g'='k	^[1]		1. #123456, 123456
admin	123456'and'l'='l		^[1]	1. #123456, 123456
admin	123456'and'n'='b		^[1]	1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1170123573)as//int))>'0	^[1]		1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1429809744)as//int))>'0		^[1]	1. #123456, 123456
admin	123456'and(selectfrom(select+sleep(0))a//union/*/select+1)='	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456'and(selectfrom(select+sleep(2))a//union/*/select+1)='	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456'and(select+1)>0waitfor/**/delay'0:0:0	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456'and(select+1)>0waitfor/**/delay'0:0:2	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1014848640')))>'0		^[1]	1. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1307577549')))>'0	^[1]		1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1248939809)))and'	^[1]		1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1311444499)))and'		^[1]	1. #123456, 123456
admin	123456//and(select+1)>0waitfor//delay'0:0:0'/**/	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456//and(select+1)>0waitfor//delay'0:0:2'/**/	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456//and(select+1//from//pg_sleep(0))>0//	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456//and(select+1//from//pg_sleep(2))>0//	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456/**/and+2=2		^[1]	1. #123456, 123456
admin	123456/**/and+2=7		^[1]	1. #123456, 123456
admin	123456/**/and+4=4	^[1]		1. #123456, 123456
admin	123456/**/and+4=6	^[1]		1. #123456, 123456
admin	123456//and//1=DBMS_PIPE.RECEIVE_MESSAGE('g',0)	^[1]		1. #123456, 123456
admin	123456//and//1=DBMS_PIPE.RECEIVE_MESSAGE('k',2)		^[1]	1. #123456, 123456
admin	123456//and//2=DBMS_PIPE.RECEIVE_MESSAGE('c',2)	^[1]		1. #123456, 123456
admin	123456//and//3=DBMS_PIPE.RECEIVE_MESSAGE('h',0)		^[1]	1. #123456, 123456
admin	123456//and//cast(md5('1208715391')as/**/int)>0	^[1]		1. #123456, 123456
admin	123456//and//cast(md5('1670207342')as/**/int)>0		^[1]	1. #123456, 123456
admin	123456\|expr 855908613 + 815639748		^[1]	1. #123456, 123456
admin	123456\|expr 923576929 + 929801111	^[1]		1. #123456, 123456
admin	123456鎈'"\(	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin	<%- 821171359+831036330 %>		^[1]	1. #123456, 123456
admin	<%- 874253960+852911144 %>	^[1]		1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1905912827')))	^[1]		1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1953116555')))		^[1]	1. #123456, 123456
admin	expr 852816023 + 959486851	^[1]		1. #123456, 123456
admin	expr 951215338 + 806219761		^[1]	1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1268470139)))	^[1]		1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1340955982)))		^[1]	1. #123456, 123456
admin expr 860722305 + 801536897	123456		^[1]	1. #123456, 123456
admin expr 910332044 + 808752186	123456	^[1]		1. #123456, 123456
admin"and"i"="g	123456		^[1]	1. #123456, 123456
admin"and"n"="f	123456	^[1]		1. #123456, 123456
admin"and"t"="t	123456	^[1]		1. #123456, 123456
admin"and"x"="x	123456		^[1]	1. #123456, 123456
admin"and(selectfrom(select+sleep(0))a//union/*/select+1)="	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin"and(selectfrom(select+sleep(2))a//union/*/select+1)="	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1327010023)))and"	123456		^[1]	1. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1916893611)))and"	123456	^[1]		1. #123456, 123456
admin$(expr 852463977 + 964393715)	123456	^[1]		1. #123456, 123456
admin$(expr 861818726 + 921769953)	123456		^[1]	1. #123456, 123456
admin&set /A 827782820+892392057	123456		^[1]	1. #123456, 123456
admin&set /A 997386648+989322466	123456	^[1]		1. #123456, 123456
admin'"\(	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin'//and(select'1'from//pg_sleep(0))::text>'0	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin'//and(select'1'from//pg_sleep(2))::text>'0	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('b',0)='b	123456		^[1]	1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('q',2)='q	123456		^[1]	1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('w',0)='w	123456	^[1]		1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('x',2)='x	123456	^[1]		1. #123456, 123456
admin'and'm'='u	123456	^[1]		1. #123456, 123456
admin'and'n'='n	123456	^[1]		1. #123456, 123456
admin'and'v'='v	123456		^[1]	1. #123456, 123456
admin'and'w'='a	123456		^[1]	1. #123456, 123456
admin'and(select'1'from//cast(md5(1769082556)as//int))>'0	123456	^[1]		1. #123456, 123456
admin'and(select'1'from//cast(md5(1973674461)as//int))>'0	123456		^[1]	1. #123456, 123456
admin'and(selectfrom(select+sleep(0))a//union/*/select+1)='	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin'and(selectfrom(select+sleep(2))a//union/*/select+1)='	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin'and(select+1)>0waitfor/**/delay'0:0:0	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin'and(select+1)>0waitfor/**/delay'0:0:2	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1235893982')))>'0	123456		^[1]	1. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1854537220')))>'0	123456	^[1]		1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1191892176)))and'	123456		^[1]	1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1761922362)))and'	123456	^[1]		1. #123456, 123456
admin//and//cast(md5('1256623596')as/**/int)>0	123456		^[1]	1. #123456, 123456
admin//and//cast(md5('1812256050')as/**/int)>0	123456	^[1]		1. #123456, 123456
admin\|expr 846301328 + 927117681	123456		^[1]	1. #123456, 123456
admin\|expr 922521268 + 837730268	123456	^[1]		1. #123456, 123456
admin鎈'"\(	123456	^[1]	^[2]	1. #123456, 123456 2. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1031029302')))	123456	^[1]		1. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1100853962')))	123456		^[1]	1. #123456, 123456
ebelko
expr 954493284 + 880902996	123456	^[1]		1. #123456, 123456
expr 984794311 + 930745729	123456		^[1]	1. #123456, 123456
extractvalue(1,concat(char(126),md5(1029473707)))	123456		^[1]	1. #123456, 123456
extractvalue(1,concat(char(126),md5(1618507230)))	123456	^[1]		1. #123456, 123456
mpolovka			^[1]	1. Successfully added user with passkey mapping
mpolovka	https://accounts.fedoraproject.org/user/mpolovka/	^[1]		1. sssctl passkey-register --username=mpolovka --domain=ipa.test
spoore	Fedora-Everything-netinst-x86_64-39-20230920.n.0.iso VM		^[1]	1. Note, ipa user-add-passkey prompts for pin/touch before checking for kerberos ticket.
sumenon		^[1] ^[2]		1. [root@client ~]# sssctl passkey-register --username=ipauser1 --domain fedora39.test --debug-libfido2 Enter PIN: Please touch the device. passkey:XGUdEagmOgqCrWWxHc7kpJDEC8d2BI3AlO+A3Kf6PYevtwZP/K630JrDAMeHBpLFnud/ZixV5exDz+0EJLzVNg==,MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAErga/rSEj9yGiFLx4CRnNnGJMUJgdMGrQOTjw5JZmSYVptq9hpIEoIACUXGPMRKTfy46158BB7bWH5GU7L+/ttQ== 2. [root@server ~]# sssctl passkey-register --username=ipauser1 --domain=fedora39.test Please touch the device. passkey:vhvyRShtXlG/jnyF+Tr9Itexuvxvt6SbiIc5o+m11XfGP/eV0BVDXp1BDq80VFcuZXv55+jLnotyTvnU4TeSHg==,MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEYNHXRkgZx7FtDWQxMmtB2gcj/ZAQA4OE2SRfeGZqHIkTCGE5/zSKhgx4gaSLwJaJSkFXIeqlxSuSW7gCwdAQ4g==
sumenon	Registering a passkey which is not supported in the token		^[1]	1. [root@client ~]# fido2-token -I /dev/hidraw2 algorithms: es256 (public-key), eddsa (public-key) 1. With rs256 since its not supported. [root@client ~]# ipa user-add-passkey ipauser1 --register --cose-type=rs256 --require-user-verification=True Enter PIN: Please touch the device. A problem occurred while generating the credentials. Error registering key. ipa: ERROR: Failed to generate passkey
sumenon	Registering a passkey with --cose-type=eddsa		^[1]	1. [root@client ~]# ipa user-add-passkey ipauser1 --register --cose-type=eddsa --require-user-verification=True Enter PIN: Please touch the device. ----------------------------------------- Added passkey mappings to user "ipauser1" ----------------------------------------- User login: ipauser1 Passkey mapping: passkey:VgkcMOncXWAg0+qkt528ioI119SluNX......
sumenon	Registering a passkey with --cose-type=es256		^[1]	1. [root@client ~]# ipa user-add-passkey ipauser1 --register --cose-type=es256 --require-user-verification=True Enter PIN: Please touch the device. ----------------------------------------- Added passkey mappings to user "ipauser1" ----------------------------------------- User login: ipauser1 Passkey mapping: passkey:VgkcMOncXWAg0+q.......

Check Auth

Username	Profile	check auth	check auth deny user incorrect pin	check auth deny user incorrect mapping	check user login to server/client/replica	Comments
		Enter result	Enter result	Enter result	Enter result
#set($c=810555267+958213729)${c}$c	123456	^[1]				1. #123456, 123456
#set($c=881672037+927549752)${c}$c	123456		^[1]			1. #123456, 123456
#set($c=977323044+824770267)${c}$c	123456				^[1]	1. #123456, 123456
#set($c=979310765+852070318)${c}$c	123456			^[1]		1. #123456, 123456
${(879347954+814395778)?c}	123456		^[1]			1. #123456, 123456
${(913524763+965231668)?c}	123456			^[1]		1. #123456, 123456
${(965993085+871042649)?c}	123456				^[1]	1. #123456, 123456
${(975903207+898516130)?c}	123456	^[1]				1. #123456, 123456
${865863659+998360218}	123456				^[1]	1. #123456, 123456
${887577381+959708358}	123456				^[1]	1. #123456, 123456
${894809601+916633115}	123456		^[1]			1. #123456, 123456
${927630177+940468178}	123456			^[1]		1. #123456, 123456
${979415121+851211015}	123456	^[1]				1. #123456, 123456
${985409456+867174018}	123456		^[1]			1. #123456, 123456
${989109497+808543607}	123456			^[1]		1. #123456, 123456
${994949515+903334790}	123456	^[1]				1. #123456, 123456
${@var_dump(md5(354004942))};	123456		^[1]			1. #123456, 123456
${@var_dump(md5(356332625))};	123456			^[1]		1. #123456, 123456
${@var_dump(md5(405726916))};	123456				^[1]	1. #123456, 123456
${@var_dump(md5(744137709))};	123456	^[1]				1. #123456, 123456
'-var_dump(md5(300251153))-'	123456				^[1]	1. #123456, 123456
'-var_dump(md5(512616725))-'	123456		^[1]			1. #123456, 123456
'-var_dump(md5(789027477))-'	123456			^[1]		1. #123456, 123456
'-var_dump(md5(820129166))-'	123456	^[1]				1. #123456, 123456
/1/{{815708042+845517645}}	123456			^[1]		1. #123456, 123456
/1/{{902256906+962628254}}	123456				^[1]	1. #123456, 123456
/1/{{958001954+991758613}}	123456		^[1]			1. #123456, 123456
/1/{{959323678+911905956}}	123456	^[1]				1. #123456, 123456
<%- 819957788+809858945 %>	123456	^[1]				1. #123456, 123456
<%- 862659474+913192016 %>	123456			^[1]		1. #123456, 123456
<%- 872233769+879199393 %>	123456		^[1]			1. #123456, 123456
<%- 934941523+829714356 %>	123456				^[1]	1. #123456, 123456
admin	#set($c=807728317+946505562)${c}$c				^[1]	1. #123456, 123456
admin	#set($c=853170096+870776595)${c}$c		^[1]			1. #123456, 123456
admin	#set($c=908415367+963836276)${c}$c	^[1]				1. #123456, 123456
admin	#set($c=933343074+987977039)${c}$c			^[1]		1. #123456, 123456
admin	${(819501973+891256529)?c}	^[1]				1. #123456, 123456
admin	${(872921500+835494204)?c}		^[1]			1. #123456, 123456
admin	${(929899589+906456364)?c}			^[1]		1. #123456, 123456
admin	${(944954891+815616583)?c}				^[1]	1. #123456, 123456
admin	${836393333+991136822}		^[1]			1. #123456, 123456
admin	${893442843+945286394}			^[1]		1. #123456, 123456
admin	${911525375+881179404}				^[1]	1. #123456, 123456
admin	${918901833+837341410}	^[1]				1. #123456, 123456
admin	${925071890+921657865}				^[1]	1. #123456, 123456
admin	${926555550+830692878}		^[1]			1. #123456, 123456
admin	${990310161+869240219}			^[1]		1. #123456, 123456
admin	${996924970+970824808}	^[1]				1. #123456, 123456
admin	${@var_dump(md5(542313609))};				^[1]	1. #123456, 123456
admin	${@var_dump(md5(801207748))};	^[1]				1. #123456, 123456
admin	${@var_dump(md5(807937113))};		^[1]			1. #123456, 123456
admin	${@var_dump(md5(841787646))};			^[1]		1. #123456, 123456
admin	'-var_dump(md5(412860424))-'			^[1]		1. #123456, 123456
admin	'-var_dump(md5(537762402))-'		^[1]			1. #123456, 123456
admin	'-var_dump(md5(630770237))-'	^[1]				1. #123456, 123456
admin	'-var_dump(md5(736704153))-'				^[1]	1. #123456, 123456
admin	(selectfrom(select+sleep(0)union/*/select+1)a)	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	(selectfrom(select+sleep(2)union/*/select+1)a)	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	/1/{{803006713+984794759}}			^[1]		1. #123456, 123456
admin	/1/{{857074401+985608297}}	^[1]				1. #123456, 123456
admin	/1/{{883447394+920422182}}		^[1]			1. #123456, 123456
admin	/1/{{926108872+805148050}}				^[1]	1. #123456, 123456
admin	123456	^[1] ^[2] ^[3] ^[4] ^[5] ^[6] ^[7] ^[8] ^[9] ^[10] ^[11] ^[12] ^[13] ^[14] ^[15] ^[16] ^[17] ^[18] ^[19] ^[20] ^[21] ^[22] ^[23] ^[24] ^[25] ^[26] ^[27] ^[28] ^[29] ^[30] ^[31] ^[32] ^[33] ^[34] ^[35] ^[36] ^[37] ^[38] ^[39] ^[40] ^[41] ^[42] ^[43] ^[44] ^[45] ^[46] ^[47] ^[48] ^[49] ^[50] ^[51] ^[52] ^[53] ^[54] ^[55] ^[56] ^[57] ^[58] ^[59] ^[60] ^[61] ^[62] ^[63] ^[64] ^[65] ^[66] ^[67] ^[68] ^[69] ^[70] ^[71] ^[72] ^[73] ^[74] ^[75] ^[76] ^[77] ^[78] ^[79] ^[80] ^[81] ^[82] ^[83] ^[84] ^[85] ^[86] ^[87] ^[88] ^[89] ^[90] ^[91] ^[92] ^[93] ^[94] ^[95] ^[96] ^[97] ^[98] ^[99] ^[100] ^[101] ^[102] ^[103] ^[104] ^[105] ^[106] ^[107] ^[108] ^[109] ^[110] ^[111] ^[112] ^[113] ^[114] ^[115] ^[116] ^[117] ^[118] ^[119] ^[120] ^[121] ^[122] ^[123] ^[124] ^[125] ^[126] ^[127] ^[128] ^[129] ^[130] ^[131] ^[132] ^[133]	^[134] ^[135] ^[136] ^[137] ^[138] ^[139] ^[140] ^[141] ^[142] ^[143] ^[144] ^[145] ^[146] ^[147] ^[148] ^[149] ^[150] ^[151] ^[152] ^[153] ^[154] ^[155] ^[156] ^[157] ^[158] ^[159] ^[160] ^[161] ^[162] ^[163] ^[164] ^[165] ^[166] ^[167] ^[168] ^[169] ^[170] ^[171] ^[172] ^[173] ^[174] ^[175] ^[176] ^[177] ^[178] ^[179] ^[180] ^[181] ^[182] ^[183] ^[184] ^[185] ^[186] ^[187] ^[188] ^[189] ^[190] ^[191] ^[192] ^[193] ^[194] ^[195] ^[196] ^[197] ^[198] ^[199] ^[200] ^[201] ^[202] ^[203] ^[204] ^[205] ^[206] ^[207] ^[208] ^[209] ^[210] ^[211] ^[212] ^[213] ^[214] ^[215] ^[216] ^[217] ^[218] ^[219] ^[220] ^[221] ^[222] ^[223] ^[224] ^[225] ^[226] ^[227] ^[228] ^[229] ^[230] ^[231] ^[232] ^[233] ^[234] ^[235] ^[236] ^[237] ^[238] ^[239] ^[240] ^[241] ^[242] ^[243] ^[244] ^[245] ^[246] ^[247] ^[248] ^[249] ^[250] ^[251] ^[252] ^[253] ^[254] ^[255] ^[256] ^[257] ^[258] ^[259] ^[260] ^[261] ^[262] ^[263] ^[264] ^[265] ^[266] ^[267] ^[268] ^[269] ^[270] ^[271] ^[272] ^[273] ^[274] ^[275] ^[276] ^[277] ^[278] ^[279] ^[280] ^[281] ^[282] ^[283] ^[284] ^[285] ^[286] ^[287] ^[288] ^[289] ^[290] ^[291] ^[292] ^[293] ^[294] ^[295] ^[296] ^[297] ^[298] ^[299] ^[300] ^[301] ^[302]	^[303] ^[304] ^[305] ^[306] ^[307] ^[308] ^[309] ^[310] ^[311] ^[312] ^[313] ^[314] ^[315] ^[316] ^[317] ^[318] ^[319] ^[320] ^[321] ^[322] ^[323] ^[324] ^[325] ^[326] ^[327] ^[328] ^[329] ^[330] ^[331] ^[332] ^[333] ^[334] ^[335] ^[336] ^[337] ^[338] ^[339] ^[340] ^[341] ^[342] ^[343] ^[344] ^[345] ^[346] ^[347] ^[348] ^[349] ^[350] ^[351] ^[352] ^[353] ^[354] ^[355] ^[356] ^[357] ^[358] ^[359] ^[360] ^[361] ^[362] ^[363] ^[364] ^[365] ^[366] ^[367] ^[368] ^[369] ^[370] ^[371] ^[372] ^[373] ^[374] ^[375] ^[376] ^[377] ^[378] ^[379] ^[380] ^[381] ^[382] ^[383] ^[384] ^[385] ^[386] ^[387] ^[388] ^[389] ^[390] ^[391] ^[392] ^[393] ^[394] ^[395] ^[396] ^[397] ^[398] ^[399] ^[400] ^[401] ^[402] ^[403] ^[404] ^[405] ^[406] ^[407] ^[408] ^[409] ^[410] ^[411] ^[412] ^[413] ^[414] ^[415] ^[416] ^[417] ^[418] ^[419] ^[420] ^[421] ^[422] ^[423] ^[424] ^[425] ^[426] ^[427] ^[428] ^[429] ^[430] ^[431] ^[432] ^[433] ^[434] ^[435] ^[436] ^[437] ^[438] ^[439] ^[440] ^[441] ^[442] ^[443] ^[444] ^[445] ^[446] ^[447] ^[448] ^[449] ^[450] ^[451] ^[452] ^[453] ^[454] ^[455] ^[456] ^[457] ^[458] ^[459] ^[460] ^[461] ^[462] ^[463] ^[464] ^[465] ^[466] ^[467] ^[468] ^[469] ^[470] ^[471] ^[472] ^[473] ^[474] ^[475]	^[476] ^[477] ^[478] ^[479] ^[480] ^[481] ^[482] ^[483] ^[484] ^[485] ^[486] ^[487] ^[488] ^[489] ^[490] ^[491] ^[492] ^[493] ^[494] ^[495] ^[496] ^[497] ^[498] ^[499] ^[500] ^[501] ^[502] ^[503] ^[504] ^[505] ^[506] ^[507] ^[508] ^[509] ^[510] ^[511] ^[512] ^[513] ^[514] ^[515] ^[516] ^[517] ^[518] ^[519] ^[520] ^[521] ^[522] ^[523] ^[524] ^[525] ^[526] ^[527] ^[528] ^[529] ^[530] ^[531] ^[532] ^[533] ^[534] ^[535] ^[536] ^[537] ^[538] ^[539] ^[540] ^[541] ^[542] ^[543] ^[544] ^[545] ^[546] ^[547] ^[548] ^[549] ^[550] ^[551] ^[552] ^[553] ^[554] ^[555] ^[556] ^[557] ^[558] ^[559] ^[560] ^[561] ^[562] ^[563] ^[564] ^[565] ^[566] ^[567] ^[568] ^[569] ^[570] ^[571] ^[572] ^[573] ^[574] ^[575] ^[576] ^[577] ^[578] ^[579] ^[580] ^[581] ^[582] ^[583] ^[584] ^[585] ^[586] ^[587] ^[588] ^[589] ^[590] ^[591] ^[592] ^[593] ^[594] ^[595] ^[596] ^[597] ^[598] ^[599] ^[600] ^[601] ^[602] ^[603] ^[604] ^[605] ^[606] ^[607] ^[608] ^[609] ^[610] ^[611] ^[612] ^[613] ^[614] ^[615] ^[616] ^[617] ^[618] ^[619] ^[620] ^[621] ^[622] ^[623] ^[624] ^[625] ^[626] ^[627] ^[628] ^[629] ^[630] ^[631] ^[632] ^[633] ^[634] ^[635] ^[636] ^[637] ^[638] ^[639] ^[640] ^[641] ^[642] ^[643] ^[644] ^[645] ^[646] ^[647] ^[648] ^[649] ^[650] ^[651] ^[652] ^[653] ^[654] ^[655]	1. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('q',2)='q 2. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('n',0)='n 3. #123456, 123456//and//3=DBMS_PIPE.RECEIVE_MESSAGE('g',2) 4. #123456, 123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('w',0) 5. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 6. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 7. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 8. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 9. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 10. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 11. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 12. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 13. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 14. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 15. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 16. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 17. #123456, (selectfrom(select+sleep(2)union//select+1)a) 18. #123456, (selectfrom(select+sleep(0)union//select+1)a) 19. #123456, 123456"and"c"="q 20. #123456, 123456"and"g"="g 21. #123456, 123456'and'o'='u 22. #123456, 123456'and'k'='k 23. #123456, 123456//and+2=6 24. #123456, 123456/*/and+3=3 25. #123456, 123456 26. #123456, 123456 27. #123456, 123456 28. #123456, 123456 29. #123456, 123456 30. #123456, 123456 31. #123456, 123456 32. #123456, 123456 33. #123456, 123456 34. #123456, 123456 35. #123456, 123456 36. #123456, 123456 37. #123456, 123456 38. #123456, 123456 39. #123456, 123456 40. #123456, 123456 41. #123456, 123456 42. #123456, 123456 43. #123456, 123456 44. #123456, 123456 45. #123456, 123456 46. #123456, 123456 47. #123456, 123456 48. #123456, 123456 49. #123456, 123456 50. #123456, 123456 51. #123456, 123456 52. #123456, 123456 53. #123456, 123456 54. #123456, 123456 55. #123456, 123456 56. #123456, 123456 57. #123456, 123456 58. #123456, 123456 59. #123456, 123456 60. #123456, 123456 61. #123456, 123456 62. #123456, 123456 63. #123456, 123456 64. #123456, 123456 65. #123456, 123456 66. #123456, 123456 67. #123456, 123456 68. #123456, 123456 69. #123456, expr 870710547 + 924915343 70. #123456, 123456&set /A 883369775+964159952 71. #123456, 123456$(expr 872694385 + 832169864) 72. #123456, 123456\|expr 863819817 + 995061332 73. #123456, 123456 expr 906291988 + 964823806 74. #123456, 123456 75. #123456, 123456 76. #123456, 123456 77. #123456, 123456 78. #123456, 123456 79. #123456, 123456 80. #123456, 123456 81. #123456, 123456 82. #123456, 123456 83. #123456, 123456 84. #123456, 123456 85. #123456, 123456 86. #123456, 123456 87. #123456, 123456 88. #123456, 123456 89. #123456, 123456 90. #123456, 123456 91. #123456, ${827830500+861866204} 92. #123456, <%- 985658151+896301017 %> 93. #123456, 123456 94. #123456, 123456 95. #123456, 123456 96. #123456, #set($c=825949286+865023525)${c}$c 97. #123456, 123456 98. #123456, 123456 99. #123456, ${(991030134+978280796)?c} 100. #123456, 123456 101. #123456, 123456 102. #123456, 123456 103. #123456, ${939871787+898004946} 104. #123456, 123456 105. #123456, 123456 106. #123456, /1/{{980952975+970466777}} 107. #123456, 123456 108. #123456, 123456 109. #123456, 123456 110. #123456, 123456 111. #123456, 123456 112. #123456, 123456 113. #123456, 123456 114. #123456, 123456 115. #123456, 123456 116. #123456, 123456 117. #123456, '-var_dump(md5(338461789))-' 118. #123456, 123456 119. #123456, 123456 120. #123456, ${@var_dump(md5(949819459))}; 121. #123456, 123456 122. #123456, 123456 123. #123456, 123456 124. #123456, 123456 125. #123456, 123456 126. #123456, 123456 127. #123456, 123456 128. #123456, 123456 129. #123456, 123456 130. #123456, 123456 131. #123456, 123456 132. #123456, 123456 133. #123456, 123456 134. #123456, 123456 135. #123456, 123456 136. #123456, 123456 137. #123456, 123456 138. #123456, 123456 139. #123456, 123456 140. #123456, 123456 141. #123456, 123456 142. #123456, 123456 143. #123456, 123456 144. #123456, 123456 145. #123456, 123456 146. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('m',2)='m 147. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('q',0)='q 148. #123456, 123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('y',2) 149. #123456, 123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('a',0) 150. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 151. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 152. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 153. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 154. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 155. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 156. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 157. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 158. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 159. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 160. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 161. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 162. #123456, (selectfrom(select+sleep(2)union/*/select+1)a) 163. #123456, (selectfrom(select+sleep(0)union//select+1)a) 164. #123456, 123456"and"u"="a 165. #123456, 123456"and"y"="y 166. #123456, 123456'and'h'='c 167. #123456, 123456'and'c'='c 168. #123456, 123456//and+1=5 169. #123456, 123456/*/and+3=3 170. #123456, 123456 171. #123456, 123456 172. #123456, 123456 173. #123456, 123456 174. #123456, 123456 175. #123456, 123456 176. #123456, 123456 177. #123456, 123456 178. #123456, 123456 179. #123456, 123456 180. #123456, 123456 181. #123456, 123456 182. #123456, 123456 183. #123456, 123456 184. #123456, 123456 185. #123456, 123456 186. #123456, 123456 187. #123456, 123456 188. #123456, 123456 189. #123456, 123456 190. #123456, 123456 191. #123456, 123456 192. #123456, 123456 193. #123456, 123456 194. #123456, 123456 195. #123456, 123456 196. #123456, 123456 197. #123456, 123456 198. #123456, 123456 199. #123456, 123456 200. #123456, 123456 201. #123456, 123456 202. #123456, 123456 203. #123456, <%- 947769714+925562830 %> 204. #123456, #set($c=875429258+900220462)${c}$c 205. #123456, ${(936001432+828747480)?c} 206. #123456, ${809259276+846780960} 207. #123456, /1/{{952133306+966127367}} 208. #123456, 123456 209. #123456, 123456 210. #123456, 123456 211. #123456, 123456 212. #123456, 123456'"\( 213. #123456, 123456鎈'"\( 214. #123456, 123456 215. #123456, 123456 216. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1712045253')))>'0 217. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1434453183'))) 218. #123456, 123456 219. #123456, 123456 220. #123456, 123456//and//cast(md5('1223181373')as//int)>0 221. #123456, 123456 222. #123456, 123456'and(select'1'from//cast(md5(1485778128)as//int))>'0 223. #123456, 123456 224. #123456, extractvalue(1,concat(char(126),md5(1738987317))) 225. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1500623967)))and" 226. #123456, 123456'and//extractvalue(1,concat(char(126),md5(1595465438)))and' 227. #123456, 123456 228. #123456, 123456 229. #123456, 123456 230. #123456, 123456 231. #123456, 123456 232. #123456, 123456 233. #123456, 123456 234. #123456, 123456 235. #123456, 123456 236. #123456, 123456 237. #123456, 123456 238. #123456, 123456 239. #123456, 123456 240. #123456, 123456 241. #123456, 123456 242. #123456, 123456 243. #123456, 123456 244. #123456, 123456 245. #123456, 123456 246. #123456, 123456 247. #123456, 123456 248. #123456, 123456 249. #123456, 123456 250. #123456, expr 934348849 + 965214111 251. #123456, 123456 252. #123456, '-var_dump(md5(596764729))-' 253. #123456, 123456 254. #123456, 123456&set /A 860715309+882016752 255. #123456, ${834516638+839467317} 256. #123456, 123456 257. #123456, 123456 258. #123456, ${@var_dump(md5(560817509))}; 259. #123456, 123456 260. #123456, 123456$(expr 962910731 + 803909655) 261. #123456, 123456 262. #123456, 123456 263. #123456, 123456 264. #123456, 123456 265. #123456, 123456 266. #123456, 123456\|expr 917127298 + 821265738 267. #123456, 123456 268. #123456, 123456 269. #123456, 123456 270. #123456, 123456 271. #123456, 123456 272. #123456, 123456 expr 901452184 + 888863272 273. #123456, 123456 274. #123456, 123456 275. #123456, 123456 276. #123456, 123456 277. #123456, 123456 278. #123456, 123456 279. #123456, 123456 280. #123456, 123456 281. #123456, 123456 282. #123456, 123456 283. #123456, 123456 284. #123456, 123456 285. #123456, 123456 286. #123456, 123456 287. #123456, 123456 288. #123456, 123456 289. #123456, 123456 290. #123456, 123456 291. #123456, 123456 292. #123456, 123456 293. #123456, 123456 294. #123456, 123456 295. #123456, 123456 296. #123456, 123456 297. #123456, 123456 298. #123456, 123456 299. #123456, 123456 300. #123456, 123456 301. #123456, 123456 302. #123456, 123456 303. #123456, 123456 304. #123456, 123456 305. #123456, 123456 306. #123456, 123456 307. #123456, 123456 308. #123456, 123456 309. #123456, 123456 310. #123456, 123456 311. #123456, 123456 312. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('l',2)='l 313. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('p',0)='p 314. #123456, 123456//and//1=DBMS_PIPE.RECEIVE_MESSAGE('t',2) 315. #123456, 123456//and//2=DBMS_PIPE.RECEIVE_MESSAGE('t',0) 316. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 317. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 318. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 319. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 320. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 321. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 322. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 323. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 324. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 325. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 326. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 327. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 328. #123456, (selectfrom(select+sleep(2)union/*/select+1)a) 329. #123456, (selectfrom(select+sleep(0)union//select+1)a) 330. #123456, 123456"and"c"="a 331. #123456, 123456"and"y"="y 332. #123456, 123456'and'c'='p 333. #123456, 123456'and'i'='i 334. #123456, 123456//and+2=9 335. #123456, 123456//and+0=0 336. #123456, 123456 337. #123456, 123456 338. #123456, 123456 339. #123456, 123456 340. #123456, 123456 341. #123456, 123456 342. #123456, 123456 343. #123456, 123456 344. #123456, 123456 345. #123456, 123456 346. #123456, 123456 347. #123456, 123456 348. #123456, 123456 349. #123456, 123456 350. #123456, 123456 351. #123456, 123456 352. #123456, 123456 353. #123456, 123456 354. #123456, 123456 355. #123456, 123456 356. #123456, 123456 357. #123456, 123456 358. #123456, 123456 359. #123456, 123456 360. #123456, 123456 361. #123456, 123456 362. #123456, 123456 363. #123456, 123456 364. #123456, 123456'"\( 365. #123456, 123456鎈'"\( 366. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1673667684')))>'0 367. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1856895671'))) 368. #123456, 123456//and//cast(md5('1678982291')as//int)>0 369. #123456, 123456'and(select'1'from//cast(md5(1387163522)as//int))>'0 370. #123456, <%- 806179760+944535466 %> 371. #123456, extractvalue(1,concat(char(126),md5(1168457993))) 372. #123456, #set($c=867870269+888888745)${c}$c 373. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1172780189)))and" 374. #123456, ${(924760185+954560594)?c} 375. #123456, 123456'and/*/extractvalue(1,concat(char(126),md5(1087006158)))and' 376. #123456, ${967082797+837808157} 377. #123456, 123456 378. #123456, /1/{{956238214+841153764}} 379. #123456, 123456 380. #123456, 123456 381. #123456, 123456 382. #123456, 123456 383. #123456, 123456 384. #123456, 123456 385. #123456, 123456 386. #123456, 123456 387. #123456, 123456 388. #123456, 123456 389. #123456, 123456 390. #123456, 123456 391. #123456, 123456 392. #123456, 123456 393. #123456, expr 981660922 + 863531453 394. #123456, 123456 395. #123456, 123456&set /A 933998088+861190846 396. #123456, 123456 397. #123456, 123456$(expr 963422143 + 867340528) 398. #123456, 123456 399. #123456, 123456\|expr 830108525 + 959768021 400. #123456, 123456 401. #123456, 123456 expr 980961511 + 920478368 402. #123456, 123456 403. #123456, 123456 404. #123456, 123456 405. #123456, 123456 406. #123456, 123456 407. #123456, 123456 408. #123456, 123456 409. #123456, 123456 410. #123456, 123456 411. #123456, 123456 412. #123456, 123456 413. #123456, 123456 414. #123456, 123456 415. #123456, 123456 416. #123456, 123456 417. #123456, 123456 418. #123456, 123456 419. #123456, 123456 420. #123456, 123456 421. #123456, 123456 422. #123456, 123456 423. #123456, 123456 424. #123456, 123456 425. #123456, 123456 426. #123456, 123456 427. #123456, 123456 428. #123456, 123456 429. #123456, 123456 430. #123456, 123456 431. #123456, 123456 432. #123456, '-var_dump(md5(164803950))-' 433. #123456, 123456 434. #123456, 123456 435. #123456, 123456 436. #123456, ${@var_dump(md5(354955070))}; 437. #123456, 123456 438. #123456, 123456 439. #123456, 123456 440. #123456, 123456 441. #123456, 123456 442. #123456, 123456 443. #123456, 123456 444. #123456, 123456 445. #123456, 123456 446. #123456, 123456 447. #123456, 123456 448. #123456, 123456 449. #123456, 123456 450. #123456, 123456 451. #123456, 123456 452. #123456, 123456 453. #123456, 123456 454. #123456, 123456 455. #123456, 123456 456. #123456, ${959239978+947307380} 457. #123456, 123456 458. #123456, 123456 459. #123456, 123456 460. #123456, 123456 461. #123456, 123456 462. #123456, 123456 463. #123456, 123456 464. #123456, 123456 465. #123456, 123456 466. #123456, 123456 467. #123456, 123456 468. #123456, 123456 469. #123456, 123456 470. #123456, 123456 471. #123456, 123456 472. #123456, 123456 473. #123456, 123456 474. #123456, 123456 475. #123456, 123456 476. #123456, 123456 477. #123456, 123456 478. #123456, 123456 479. #123456, 123456 480. #123456, 123456 481. #123456, 123456 482. #123456, 123456 483. #123456, 123456 484. #123456, 123456 485. #123456, 123456 486. #123456, 123456 487. #123456, 123456 488. #123456, 123456 489. #123456, 123456 490. #123456, 123456 491. #123456, 123456 492. #123456, 123456 493. #123456, 123456 494. #123456, 123456 495. #123456, 123456 496. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('p',2)='p 497. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('p',0)='p 498. #123456, 123456//and//2=DBMS_PIPE.RECEIVE_MESSAGE('k',2) 499. #123456, 123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('d',0) 500. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 501. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 502. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 503. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 504. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 505. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 506. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 507. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 508. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 509. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 510. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 511. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 512. #123456, (selectfrom(select+sleep(2)union/*/select+1)a) 513. #123456, (selectfrom(select+sleep(0)union//select+1)a) 514. #123456, 123456"and"e"="x 515. #123456, 123456"and"d"="d 516. #123456, 123456'and'w'='m 517. #123456, 123456'and'x'='x 518. #123456, 123456//and+4=7 519. #123456, 123456/*/and+4=4 520. #123456, 123456 521. #123456, 123456 522. #123456, 123456 523. #123456, 123456 524. #123456, 123456 525. #123456, 123456 526. #123456, 123456 527. #123456, 123456 528. #123456, 123456 529. #123456, 123456 530. #123456, 123456 531. #123456, 123456 532. #123456, 123456 533. #123456, 123456 534. #123456, 123456 535. #123456, 123456 536. #123456, 123456 537. #123456, 123456 538. #123456, 123456 539. #123456, 123456 540. #123456, 123456 541. #123456, 123456 542. #123456, 123456 543. #123456, 123456 544. #123456, 123456 545. #123456, 123456 546. #123456, 123456 547. #123456, 123456 548. #123456, 123456 549. #123456, 123456 550. #123456, 123456 551. #123456, 123456 552. #123456, 123456 553. #123456, 123456 554. #123456, 123456 555. #123456, 123456 556. #123456, 123456 557. #123456, 123456 558. #123456, 123456 559. #123456, 123456 560. #123456, 123456 561. #123456, 123456 562. #123456, 123456 563. #123456, 123456 564. #123456, 123456 565. #123456, 123456 566. #123456, 123456 567. #123456, 123456 568. #123456, 123456 569. #123456, 123456 570. #123456, 123456 571. #123456, 123456 572. #123456, 123456 573. #123456, 123456 574. #123456, 123456 575. #123456, 123456 576. #123456, 123456 577. #123456, 123456 578. #123456, 123456 579. #123456, 123456 580. #123456, 123456 581. #123456, 123456 582. #123456, 123456 583. #123456, 123456 584. #123456, 123456 585. #123456, 123456 586. #123456, 123456 587. #123456, 123456 588. #123456, 123456 589. #123456, 123456 590. #123456, 123456 591. #123456, 123456 592. #123456, <%- 837173051+916481857 %> 593. #123456, 123456 594. #123456, 123456 595. #123456, 123456 596. #123456, #set($c=995638813+904174690)${c}$c 597. #123456, 123456 598. #123456, 123456 599. #123456, 123456 600. #123456, 123456 601. #123456, 123456 602. #123456, ${(899003800+833201108)?c} 603. #123456, 123456 604. #123456, 123456 605. #123456, 123456 606. #123456, ${983621574+822783195} 607. #123456, 123456 608. #123456, 123456 609. #123456, 123456 610. #123456, 123456 611. #123456, 123456 612. #123456, /1/{{896838710+997288305}} 613. #123456, 123456 614. #123456, 123456 615. #123456, 123456 616. #123456, 123456 617. #123456, 123456 618. #123456, 123456'"\( 619. #123456, 123456 620. #123456, 123456 621. #123456, 123456 622. #123456, 123456 623. #123456, 123456鎈'"\( 624. #123456, 123456 625. #123456, expr 924288419 + 892960114 626. #123456, 123456 627. #123456, 123456 628. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1063999588')))>'0 629. #123456, 123456 630. #123456, 123456&set /A 890935585+971664642 631. #123456, ${861261422+974577011} 632. #123456, 123456 633. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1467262978'))) 634. #123456, '-var_dump(md5(407254992))-' 635. #123456, 123456$(expr 886836495 + 922714015) 636. #123456, 123456 637. #123456, 123456 638. #123456, 123456//and//cast(md5('1426768351')as//int)>0 639. #123456, ${@var_dump(md5(722098038))}; 640. #123456, 123456 641. #123456, 123456 642. #123456, 123456\|expr 938208005 + 917132722 643. #123456, 123456'and(select'1'from//cast(md5(1999203347)as//int))>'0 644. #123456, 123456 645. #123456, 123456 646. #123456, 123456 expr 801662180 + 819172839 647. #123456, extractvalue(1,concat(char(126),md5(1859440872))) 648. #123456, 123456 649. #123456, 123456 650. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1690767674)))and" 651. #123456, 123456'and/*/extractvalue(1,concat(char(126),md5(1921141279)))and' 652. #123456, 123456 653. #123456, 123456 654. #123456, 123456 655. #123456, 123456
admin	123456 expr 873585738 + 865526366				^[1]	1. #123456, 123456
admin	123456 expr 921698184 + 858897240		^[1]			1. #123456, 123456
admin	123456 expr 943711456 + 869213613	^[1]				1. #123456, 123456
admin	123456 expr 971196717 + 820054328			^[1]		1. #123456, 123456
admin	123456"and"m"="h	^[1]				1. #123456, 123456
admin	123456"and"m"="m			^[1]		1. #123456, 123456
admin	123456"and"t"="k			^[1]		1. #123456, 123456
admin	123456"and"u"="u		^[1]			1. #123456, 123456
admin	123456"and"w"="w	^[1]				1. #123456, 123456
admin	123456"and"y"="d		^[1]			1. #123456, 123456
admin	123456"and"z"="f				^[1]	1. #123456, 123456
admin	123456"and"z"="z				^[1]	1. #123456, 123456
admin	123456"and(selectfrom(select+sleep(0))a//union/*/select+1)="	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456"and(selectfrom(select+sleep(2))a//union/*/select+1)="	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1034074024)))and"		^[1]			1. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1451759642)))and"			^[1]		1. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1652399305)))and"				^[1]	1. #123456, 123456
admin	123456$(expr 852030691 + 900049641)				^[1]	1. #123456, 123456
admin	123456$(expr 862653637 + 933576776)			^[1]		1. #123456, 123456
admin	123456$(expr 889233925 + 942033041)		^[1]			1. #123456, 123456
admin	123456$(expr 968153209 + 817536859)	^[1]				1. #123456, 123456
admin	123456&set /A 839202096+973887824		^[1]			1. #123456, 123456
admin	123456&set /A 875407192+820017442				^[1]	1. #123456, 123456
admin	123456&set /A 914255496+922185499			^[1]		1. #123456, 123456
admin	123456&set /A 985734876+936126478	^[1]				1. #123456, 123456
admin	123456'"\(		^[1]	^[2]	^[3]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456
admin	123456'//and(select'1'from//pg_sleep(0))::text>'0	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456'//and(select'1'from//pg_sleep(2))::text>'0	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('g',0)='g				^[1]	1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('i',2)='i			^[1]		1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('n',0)='n	^[1]				1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('p',0)='p		^[1]			1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('p',2)='p		^[1]			1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('u',0)='u			^[1]		1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('y',2)='y				^[1]	1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('z',2)='z	^[1]				1. #123456, 123456
admin	123456'and'e'='e				^[1]	1. #123456, 123456
admin	123456'and'g'='e				^[1]	1. #123456, 123456
admin	123456'and'l'='l		^[1]			1. #123456, 123456
admin	123456'and'p'='h		^[1]			1. #123456, 123456
admin	123456'and'q'='o			^[1]		1. #123456, 123456
admin	123456'and'v'='h	^[1]				1. #123456, 123456
admin	123456'and'v'='v	^[1]				1. #123456, 123456
admin	123456'and'z'='z			^[1]		1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1130242310)as//int))>'0			^[1]		1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1724546713)as//int))>'0				^[1]	1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1862085756)as//int))>'0		^[1]			1. #123456, 123456
admin	123456'and(selectfrom(select+sleep(0))a//union/*/select+1)='	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456'and(selectfrom(select+sleep(2))a//union/*/select+1)='	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456'and(select+1)>0waitfor/**/delay'0:0:0	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456'and(select+1)>0waitfor/**/delay'0:0:2	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1573273121')))>'0			^[1]		1. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1676704343')))>'0		^[1]			1. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1811280100')))>'0				^[1]	1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1402308388)))and'		^[1]			1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1440092295)))and'			^[1]		1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1743535807)))and'				^[1]	1. #123456, 123456
admin	123456//and(select+1)>0waitfor//delay'0:0:0'/**/	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456//and(select+1)>0waitfor//delay'0:0:2'/**/	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456//and(select+1//from//pg_sleep(0))>0//	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456//and(select+1//from//pg_sleep(2))>0//	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin	123456/**/and+0=8		^[1]			1. #123456, 123456
admin	123456/**/and+2=2		^[1]		^[2]	1. #123456, 123456 2. #123456, 123456
admin	123456/**/and+2=7	^[1]				1. #123456, 123456
admin	123456/**/and+2=9				^[1]	1. #123456, 123456
admin	123456/**/and+3=3			^[1]		1. #123456, 123456
admin	123456/**/and+3=7			^[1]		1. #123456, 123456
admin	123456/**/and+4=4	^[1]				1. #123456, 123456
admin	123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('a',2)		^[1]			1. #123456, 123456
admin	123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('v',2)			^[1]		1. #123456, 123456
admin	123456//and//3=DBMS_PIPE.RECEIVE_MESSAGE('b',0)			^[1]		1. #123456, 123456
admin	123456//and//3=DBMS_PIPE.RECEIVE_MESSAGE('i',2)	^[1]				1. #123456, 123456
admin	123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('g',0)				^[1]	1. #123456, 123456
admin	123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('m',0)		^[1]			1. #123456, 123456
admin	123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('o',0)	^[1]				1. #123456, 123456
admin	123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('o',2)				^[1]	1. #123456, 123456
admin	123456//and//cast(md5('1336033496')as/**/int)>0			^[1]		1. #123456, 123456
admin	123456//and//cast(md5('1601871961')as/**/int)>0		^[1]			1. #123456, 123456
admin	123456//and//cast(md5('1655310532')as/**/int)>0				^[1]	1. #123456, 123456
admin	123456\|expr 828729798 + 822002545			^[1]		1. #123456, 123456
admin	123456\|expr 843645546 + 863601286				^[1]	1. #123456, 123456
admin	123456\|expr 846070720 + 807167037		^[1]			1. #123456, 123456
admin	123456\|expr 923831146 + 808869436	^[1]				1. #123456, 123456
admin	123456鎈'"\(		^[1]	^[2]	^[3]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456
admin	<%- 831260167+963376682 %>	^[1]				1. #123456, 123456
admin	<%- 887682892+934363838 %>				^[1]	1. #123456, 123456
admin	<%- 914425831+873766520 %>		^[1]			1. #123456, 123456
admin	<%- 917536204+976634158 %>			^[1]		1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1122855635')))				^[1]	1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1557776216')))		^[1]			1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1638494554')))			^[1]		1. #123456, 123456
admin	expr 811086634 + 922141285		^[1]			1. #123456, 123456
admin	expr 871123686 + 963561240	^[1]				1. #123456, 123456
admin	expr 905732142 + 837261645				^[1]	1. #123456, 123456
admin	expr 961535106 + 983658696			^[1]		1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1400030542)))		^[1]			1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1531838864)))				^[1]	1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1666526898)))			^[1]		1. #123456, 123456
admin expr 826687955 + 804832479	123456		^[1]			1. #123456, 123456
admin expr 863647445 + 886879993	123456				^[1]	1. #123456, 123456
admin expr 930700422 + 959531916	123456	^[1]				1. #123456, 123456
admin expr 974750344 + 996413773	123456			^[1]		1. #123456, 123456
admin"and"e"="a	123456				^[1]	1. #123456, 123456
admin"and"l"="l	123456				^[1]	1. #123456, 123456
admin"and"l"="o	123456	^[1]				1. #123456, 123456
admin"and"p"="p	123456	^[1]				1. #123456, 123456
admin"and"s"="q	123456			^[1]		1. #123456, 123456
admin"and"s"="s	123456		^[1]			1. #123456, 123456
admin"and"t"="y	123456		^[1]			1. #123456, 123456
admin"and"w"="w	123456			^[1]		1. #123456, 123456
admin"and(selectfrom(select+sleep(0))a//union/*/select+1)="	123456	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin"and(selectfrom(select+sleep(2))a//union/*/select+1)="	123456	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1061632602)))and"	123456		^[1]			1. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1509905803)))and"	123456				^[1]	1. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1578251539)))and"	123456			^[1]		1. #123456, 123456
admin$(expr 835101880 + 966184972)	123456				^[1]	1. #123456, 123456
admin$(expr 848572675 + 834046023)	123456			^[1]		1. #123456, 123456
admin$(expr 870748209 + 900459613)	123456	^[1]				1. #123456, 123456
admin$(expr 977098532 + 882381801)	123456		^[1]			1. #123456, 123456
admin&set /A 839002648+922615475	123456				^[1]	1. #123456, 123456
admin&set /A 868244027+974790546	123456		^[1]			1. #123456, 123456
admin&set /A 884666759+882366251	123456	^[1]				1. #123456, 123456
admin&set /A 963627449+984442064	123456			^[1]		1. #123456, 123456
admin'"\(	123456		^[1]	^[2]	^[3]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456
admin'//and(select'1'from//pg_sleep(0))::text>'0	123456	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin'//and(select'1'from//pg_sleep(2))::text>'0	123456	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('a',0)='a	123456	^[1]				1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('g',0)='g	123456		^[1]			1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('k',0)='k	123456			^[1]		1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('m',2)='m	123456				^[1]	1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('n',2)='n	123456			^[1]		1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('o',0)='o	123456				^[1]	1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('s',2)='s	123456		^[1]			1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('t',2)='t	123456	^[1]				1. #123456, 123456
admin'and'b'='q	123456	^[1]				1. #123456, 123456
admin'and'l'='l	123456			^[1]		1. #123456, 123456
admin'and'l'='v	123456				^[1]	1. #123456, 123456
admin'and'q'='i	123456			^[1]		1. #123456, 123456
admin'and's'='s	123456	^[1]				1. #123456, 123456
admin'and'u'='p	123456		^[1]			1. #123456, 123456
admin'and'v'='v	123456				^[1]	1. #123456, 123456
admin'and'x'='x	123456		^[1]			1. #123456, 123456
admin'and(select'1'from//cast(md5(1015774737)as//int))>'0	123456				^[1]	1. #123456, 123456
admin'and(select'1'from//cast(md5(1502141502)as//int))>'0	123456		^[1]			1. #123456, 123456
admin'and(select'1'from//cast(md5(1900177900)as//int))>'0	123456			^[1]		1. #123456, 123456
admin'and(selectfrom(select+sleep(0))a//union/*/select+1)='	123456	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin'and(selectfrom(select+sleep(2))a//union/*/select+1)='	123456	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin'and(select+1)>0waitfor/**/delay'0:0:0	123456	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin'and(select+1)>0waitfor/**/delay'0:0:2	123456	^[1]	^[2]	^[3]	^[4]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1502060571')))>'0	123456				^[1]	1. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1621432640')))>'0	123456		^[1]			1. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1673171535')))>'0	123456			^[1]		1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1345013594)))and'	123456				^[1]	1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1514960472)))and'	123456		^[1]			1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1524671476)))and'	123456			^[1]		1. #123456, 123456
admin//and//cast(md5('1018933045')as/**/int)>0	123456			^[1]		1. #123456, 123456
admin//and//cast(md5('1025625118')as/**/int)>0	123456		^[1]			1. #123456, 123456
admin//and//cast(md5('1869045827')as/**/int)>0	123456				^[1]	1. #123456, 123456
admin\|expr 914336734 + 874399546	123456			^[1]		1. #123456, 123456
admin\|expr 926737389 + 993629417	123456	^[1]				1. #123456, 123456
admin\|expr 930485990 + 909112149	123456				^[1]	1. #123456, 123456
admin\|expr 984702763 + 874865626	123456		^[1]			1. #123456, 123456
admin鎈'"\(	123456		^[1]	^[2]	^[3]	1. #123456, 123456 2. #123456, 123456 3. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1093543877')))	123456			^[1]		1. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1318227958')))	123456		^[1]			1. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1947535362')))	123456				^[1]	1. #123456, 123456
ebelko		^[1]	^[2]			1. Registration works. When trying to auth with ssh there is prompt for PIN, but no prompt for touching the device and the PIN promt gets repeated. 2. When trying to auth with ssh there is prompt for PIN, but no prompt for touching the device and the PIN promt gets repeated.
expr 851544774 + 885819625	123456				^[1]	1. #123456, 123456
expr 862224437 + 896646811	123456	^[1]				1. #123456, 123456
expr 883065980 + 993320370	123456		^[1]			1. #123456, 123456
expr 962127843 + 865008053	123456			^[1]		1. #123456, 123456
extractvalue(1,concat(char(126),md5(1449464300)))	123456		^[1]			1. #123456, 123456
extractvalue(1,concat(char(126),md5(1718500978)))	123456				^[1]	1. #123456, 123456
extractvalue(1,concat(char(126),md5(1775313356)))	123456			^[1]		1. #123456, 123456
spoore	Fedora-Everything-netinst-x86_64-39-20230920.n.0.iso VM	^[1]	^[2]	^[3]	^[4]	1. su worked after putting selinux into permissive mode. failed initially due to AVC denial: time->Fri Sep 22 14:00:28 2023 type=AVC msg=audit(1695409228.862:565): avc: denied { execute } for pid=4260 comm="sssd_pam" name="passkey_child" dev="vda3" ino=172502 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:ipa_otpd_exec_t:s0 tclass=file permissive=0 2. With selinux in permissive mode, it fails to authenticate with an incorrect pin as expected: -sh-5.2$ su - testuser1 Insert your passkey device, then press ENTER. Enter PIN: su: Authentication failure 3. First put selinux into permissive mode. Authentication failed as expected with incorrect passkey mapping data: Used passkey mapping data from a previous registration before running a "ykman fido reset". # ipa user-add-passkey testuser1 "passkey:..." -sh-5.2$ su - testuser1 Insert your passkey device, then press ENTER. Enter PIN: su: Authentication failure 4. only able to test on server and client. Remember to fix mapping data before testing. -sh-5.2$ su - testuser1 Insert your passkey device, then press ENTER. Enter PIN: Last login: Fri Sep 22 14:15:37 CDT 2023 on pts/0 -sh-5.2$ hostname ipa.passkey.test
sumenon	Login as ipa user with incorrect PIN		^[1]			1. [sumenon@fedora ~]$ ssh -l ipauser1@fedora39.test client.fedora39.test (ipauser1@fedora39.test@client.fedora39.test) Kerberos TGT will not be granted upon login, user experience will be affected. Insert your passkey device, then press ENTER. (ipauser1@fedora39.test@client.fedora39.test) Enter PIN: Note: The above prompt is asked for 3 times and then it falls back to Received disconnect from 192.168.122.129 port 22:2: Too many authentication failures Disconnected from 192.168.122.129 port 22
sumenon	Login as ipa user with passkey set and doing ssh	^[1]				1. [sumenon@fedora ~]$ ssh -l ipauser1@fedora39.test client.fedora39.test (ipauser1@fedora39.test@client.fedora39.test) Kerberos TGT will not be granted upon login, user experience will be affected. Insert your passkey device, then press ENTER. (ipauser1@fedora39.test@client.fedora39.test) Enter PIN: No Kerberos TGT granted as the server does not support this method. Your single-sign on(SSO) experience will be affected. Last login: Thu Sep 21 18:19:03 2023 Could not chdir to home directory /home/ipauser1: Permission denied -sh: /home/ipauser1/.profile: Permission denied -sh-5.2$ klist -l Principal name Cache name -------------- ---------- ipauser1@FEDORA39.TEST KCM:1866800004:43548
sumenon	Login as ipa user with passkey set and from GNOME desktop

Basic

Username	Profile	obtain kerberos ticket	handle three incorrect attempts	system key blocking	system key removal	user login replica	user removal fido2	Comments
		Enter result	Enter result	Enter result	Enter result	Enter result	Enter result
#set($c=816279587+828191966)${c}$c	123456			^[1]				1. #123456, 123456
#set($c=826101225+954362843)${c}$c	123456	^[1]						1. #123456, 123456
#set($c=827706580+966512634)${c}$c	123456					^[1]		1. #123456, 123456
#set($c=997712271+937349643)${c}$c	123456				^[1]			1. #123456, 123456
${(871859145+814959523)?c}	123456			^[1]				1. #123456, 123456
${(888376838+879720786)?c}	123456				^[1]			1. #123456, 123456
${(930461926+807759804)?c}	123456					^[1]		1. #123456, 123456
${(972203714+836931334)?c}	123456	^[1]						1. #123456, 123456
${826469755+814308285}	123456	^[1]						1. #123456, 123456
${857869957+914982332}	123456		^[1]					1. #123456, 123456
${858801373+930205824}	123456				^[1]			1. #123456, 123456
${910898083+844557070}	123456				^[1]			1. #123456, 123456
${930854636+892883644}	123456			^[1]				1. #123456, 123456
${937332008+942383449}	123456	^[1]						1. #123456, 123456
${940450021+807538394}	123456					^[1]		1. #123456, 123456
${959784880+887236282}	123456					^[1]		1. #123456, 123456
${960217850+829353266}	123456			^[1]				1. #123456, 123456
${@var_dump(md5(144089225))};	123456		^[1]					1. #123456, 123456
${@var_dump(md5(218209072))};	123456				^[1]			1. #123456, 123456
${@var_dump(md5(285729778))};	123456	^[1]						1. #123456, 123456
${@var_dump(md5(455127484))};	123456			^[1]				1. #123456, 123456
${@var_dump(md5(770710947))};	123456					^[1]		1. #123456, 123456
'-var_dump(md5(138889116))-'	123456			^[1]				1. #123456, 123456
'-var_dump(md5(266342978))-'	123456					^[1]		1. #123456, 123456
'-var_dump(md5(279706572))-'	123456	^[1]						1. #123456, 123456
'-var_dump(md5(455176223))-'	123456		^[1]					1. #123456, 123456
'-var_dump(md5(902590999))-'	123456				^[1]			1. #123456, 123456
/1/{{803758509+967397806}}	123456				^[1]			1. #123456, 123456
/1/{{862218767+903565722}}	123456					^[1]		1. #123456, 123456
/1/{{863902338+989619851}}	123456			^[1]				1. #123456, 123456
/1/{{964521792+941826972}}	123456	^[1]						1. #123456, 123456
<%- 823322633+906169167 %>	123456				^[1]			1. #123456, 123456
<%- 858721472+989285302 %>	123456					^[1]		1. #123456, 123456
<%- 895421899+802164148 %>	123456			^[1]				1. #123456, 123456
<%- 953416865+900824753 %>	123456	^[1]						1. #123456, 123456
admin	#set($c=849927171+823902360)${c}$c				^[1]			1. #123456, 123456
admin	#set($c=869815211+861668974)${c}$c		^[1]					1. #123456, 123456
admin	#set($c=936849519+829002691)${c}$c					^[1]		1. #123456, 123456
admin	#set($c=973855381+896880128)${c}$c			^[1]				1. #123456, 123456
admin	#set($c=975846438+826637725)${c}$c	^[1]						1. #123456, 123456
admin	${(846402055+843175378)?c}		^[1]					1. #123456, 123456
admin	${(911491908+862821172)?c}					^[1]		1. #123456, 123456
admin	${(922086636+818913059)?c}			^[1]				1. #123456, 123456
admin	${(937196299+959640968)?c}	^[1]						1. #123456, 123456
admin	${(937618119+852850142)?c}				^[1]			1. #123456, 123456
admin	${801256950+825528531}		^[1]					1. #123456, 123456
admin	${821946959+822473056}	^[1]						1. #123456, 123456
admin	${854081619+841709193}				^[1]			1. #123456, 123456
admin	${865291484+847764254}	^[1]						1. #123456, 123456
admin	${876925133+910828681}				^[1]			1. #123456, 123456
admin	${885653186+837434733}			^[1]				1. #123456, 123456
admin	${941805273+970661191}		^[1]					1. #123456, 123456
admin	${968660742+896965606}					^[1]		1. #123456, 123456
admin	${969622928+987154058}			^[1]				1. #123456, 123456
admin	${981266777+890127777}					^[1]		1. #123456, 123456
admin	${@var_dump(md5(199821449))};		^[1]					1. #123456, 123456
admin	${@var_dump(md5(313081838))};	^[1]						1. #123456, 123456
admin	${@var_dump(md5(347865349))};				^[1]			1. #123456, 123456
admin	${@var_dump(md5(588097900))};			^[1]				1. #123456, 123456
admin	${@var_dump(md5(642257131))};					^[1]		1. #123456, 123456
admin	'-var_dump(md5(369506714))-'		^[1]					1. #123456, 123456
admin	'-var_dump(md5(419572731))-'	^[1]						1. #123456, 123456
admin	'-var_dump(md5(592521677))-'				^[1]			1. #123456, 123456
admin	'-var_dump(md5(609968259))-'					^[1]		1. #123456, 123456
admin	'-var_dump(md5(692953473))-'			^[1]				1. #123456, 123456
admin	(selectfrom(select+sleep(0)union/*/select+1)a)	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	(selectfrom(select+sleep(2)union/*/select+1)a)	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	/1/{{836092655+832503516}}					^[1]		1. #123456, 123456
admin	/1/{{838244679+941943228}}	^[1]						1. #123456, 123456
admin	/1/{{838561815+874079104}}			^[1]				1. #123456, 123456
admin	/1/{{893259046+944310393}}				^[1]			1. #123456, 123456
admin	/1/{{922732368+836861449}}		^[1]					1. #123456, 123456
admin	123456	^[1] ^[2] ^[3] ^[4] ^[5] ^[6] ^[7] ^[8] ^[9] ^[10] ^[11] ^[12] ^[13] ^[14] ^[15] ^[16] ^[17] ^[18] ^[19] ^[20] ^[21] ^[22] ^[23] ^[24] ^[25] ^[26] ^[27] ^[28] ^[29] ^[30] ^[31] ^[32] ^[33] ^[34] ^[35] ^[36] ^[37] ^[38] ^[39] ^[40] ^[41] ^[42] ^[43] ^[44] ^[45] ^[46] ^[47] ^[48] ^[49] ^[50] ^[51] ^[52] ^[53] ^[54] ^[55] ^[56] ^[57] ^[58] ^[59] ^[60] ^[61] ^[62] ^[63] ^[64] ^[65] ^[66] ^[67] ^[68] ^[69] ^[70] ^[71] ^[72] ^[73] ^[74] ^[75] ^[76] ^[77] ^[78] ^[79] ^[80] ^[81] ^[82] ^[83] ^[84] ^[85] ^[86] ^[87] ^[88] ^[89] ^[90] ^[91] ^[92] ^[93] ^[94] ^[95] ^[96] ^[97] ^[98] ^[99] ^[100] ^[101] ^[102] ^[103] ^[104] ^[105] ^[106] ^[107] ^[108] ^[109] ^[110] ^[111] ^[112] ^[113] ^[114] ^[115] ^[116] ^[117] ^[118] ^[119] ^[120] ^[121] ^[122] ^[123] ^[124] ^[125] ^[126] ^[127] ^[128] ^[129] ^[130] ^[131] ^[132] ^[133] ^[134] ^[135] ^[136] ^[137] ^[138] ^[139] ^[140] ^[141] ^[142] ^[143] ^[144] ^[145] ^[146] ^[147] ^[148] ^[149] ^[150] ^[151] ^[152] ^[153] ^[154] ^[155] ^[156] ^[157] ^[158] ^[159] ^[160] ^[161] ^[162] ^[163] ^[164] ^[165] ^[166] ^[167] ^[168] ^[169] ^[170] ^[171] ^[172] ^[173] ^[174] ^[175] ^[176] ^[177] ^[178]	^[179] ^[180] ^[181] ^[182] ^[183] ^[184] ^[185] ^[186] ^[187] ^[188] ^[189] ^[190] ^[191] ^[192] ^[193] ^[194] ^[195] ^[196] ^[197] ^[198] ^[199] ^[200] ^[201] ^[202] ^[203] ^[204] ^[205] ^[206] ^[207] ^[208] ^[209] ^[210] ^[211] ^[212] ^[213] ^[214] ^[215] ^[216] ^[217] ^[218] ^[219] ^[220] ^[221] ^[222] ^[223] ^[224] ^[225] ^[226] ^[227] ^[228] ^[229] ^[230] ^[231] ^[232] ^[233] ^[234] ^[235] ^[236] ^[237] ^[238] ^[239] ^[240] ^[241] ^[242] ^[243] ^[244] ^[245] ^[246] ^[247] ^[248] ^[249] ^[250] ^[251] ^[252] ^[253] ^[254] ^[255] ^[256] ^[257] ^[258] ^[259] ^[260] ^[261] ^[262] ^[263] ^[264] ^[265] ^[266] ^[267] ^[268] ^[269] ^[270] ^[271] ^[272] ^[273] ^[274] ^[275] ^[276] ^[277] ^[278] ^[279] ^[280] ^[281] ^[282] ^[283] ^[284] ^[285] ^[286] ^[287] ^[288] ^[289] ^[290] ^[291] ^[292] ^[293] ^[294] ^[295] ^[296] ^[297] ^[298] ^[299] ^[300] ^[301] ^[302] ^[303] ^[304] ^[305] ^[306] ^[307] ^[308] ^[309] ^[310] ^[311] ^[312] ^[313] ^[314] ^[315] ^[316] ^[317] ^[318] ^[319] ^[320] ^[321] ^[322] ^[323] ^[324] ^[325] ^[326] ^[327] ^[328] ^[329] ^[330] ^[331] ^[332] ^[333] ^[334] ^[335] ^[336] ^[337] ^[338]	^[339] ^[340] ^[341] ^[342] ^[343] ^[344] ^[345] ^[346] ^[347] ^[348] ^[349] ^[350] ^[351] ^[352] ^[353] ^[354] ^[355] ^[356] ^[357] ^[358] ^[359] ^[360] ^[361] ^[362] ^[363] ^[364] ^[365] ^[366] ^[367] ^[368] ^[369] ^[370] ^[371] ^[372] ^[373] ^[374] ^[375] ^[376] ^[377] ^[378] ^[379] ^[380] ^[381] ^[382] ^[383] ^[384] ^[385] ^[386] ^[387] ^[388] ^[389] ^[390] ^[391] ^[392] ^[393] ^[394] ^[395] ^[396] ^[397] ^[398] ^[399] ^[400] ^[401] ^[402] ^[403] ^[404] ^[405] ^[406] ^[407] ^[408] ^[409] ^[410] ^[411] ^[412] ^[413] ^[414] ^[415] ^[416] ^[417] ^[418] ^[419] ^[420] ^[421] ^[422] ^[423] ^[424] ^[425] ^[426] ^[427] ^[428] ^[429] ^[430] ^[431] ^[432] ^[433] ^[434] ^[435] ^[436] ^[437] ^[438] ^[439] ^[440] ^[441] ^[442] ^[443] ^[444] ^[445] ^[446] ^[447] ^[448] ^[449] ^[450] ^[451] ^[452] ^[453] ^[454] ^[455] ^[456] ^[457] ^[458] ^[459] ^[460] ^[461] ^[462] ^[463] ^[464] ^[465] ^[466] ^[467] ^[468] ^[469] ^[470] ^[471] ^[472] ^[473] ^[474] ^[475] ^[476] ^[477] ^[478] ^[479] ^[480] ^[481] ^[482] ^[483] ^[484] ^[485] ^[486] ^[487] ^[488] ^[489] ^[490] ^[491] ^[492] ^[493] ^[494] ^[495] ^[496] ^[497] ^[498] ^[499] ^[500] ^[501] ^[502] ^[503] ^[504] ^[505] ^[506] ^[507] ^[508] ^[509] ^[510] ^[511] ^[512] ^[513]	^[514] ^[515] ^[516] ^[517] ^[518] ^[519] ^[520] ^[521] ^[522] ^[523] ^[524] ^[525] ^[526] ^[527] ^[528] ^[529] ^[530] ^[531] ^[532] ^[533] ^[534] ^[535] ^[536] ^[537] ^[538] ^[539] ^[540] ^[541] ^[542] ^[543] ^[544] ^[545] ^[546] ^[547] ^[548] ^[549] ^[550] ^[551] ^[552] ^[553] ^[554] ^[555] ^[556] ^[557] ^[558] ^[559] ^[560] ^[561] ^[562] ^[563] ^[564] ^[565] ^[566] ^[567] ^[568] ^[569] ^[570] ^[571] ^[572] ^[573] ^[574] ^[575] ^[576] ^[577] ^[578] ^[579] ^[580] ^[581] ^[582] ^[583] ^[584] ^[585] ^[586] ^[587] ^[588] ^[589] ^[590] ^[591] ^[592] ^[593] ^[594] ^[595] ^[596] ^[597] ^[598] ^[599] ^[600] ^[601] ^[602] ^[603] ^[604] ^[605] ^[606] ^[607] ^[608] ^[609] ^[610] ^[611] ^[612] ^[613] ^[614] ^[615] ^[616] ^[617] ^[618] ^[619] ^[620] ^[621] ^[622] ^[623] ^[624] ^[625] ^[626] ^[627] ^[628] ^[629] ^[630] ^[631] ^[632] ^[633] ^[634] ^[635] ^[636] ^[637] ^[638] ^[639] ^[640] ^[641] ^[642] ^[643] ^[644] ^[645] ^[646] ^[647] ^[648] ^[649] ^[650] ^[651] ^[652] ^[653] ^[654] ^[655] ^[656] ^[657] ^[658] ^[659] ^[660] ^[661] ^[662] ^[663] ^[664] ^[665] ^[666] ^[667] ^[668] ^[669] ^[670] ^[671] ^[672] ^[673] ^[674] ^[675] ^[676] ^[677] ^[678] ^[679] ^[680] ^[681] ^[682] ^[683] ^[684] ^[685] ^[686] ^[687] ^[688] ^[689] ^[690] ^[691] ^[692] ^[693] ^[694] ^[695]	^[696] ^[697] ^[698] ^[699] ^[700] ^[701] ^[702] ^[703] ^[704] ^[705] ^[706] ^[707] ^[708] ^[709] ^[710] ^[711] ^[712] ^[713] ^[714] ^[715] ^[716] ^[717] ^[718] ^[719] ^[720] ^[721] ^[722] ^[723] ^[724] ^[725] ^[726] ^[727] ^[728] ^[729] ^[730] ^[731] ^[732] ^[733] ^[734] ^[735] ^[736] ^[737] ^[738] ^[739] ^[740] ^[741] ^[742] ^[743] ^[744] ^[745] ^[746] ^[747] ^[748] ^[749] ^[750] ^[751] ^[752] ^[753] ^[754] ^[755] ^[756] ^[757] ^[758] ^[759] ^[760] ^[761] ^[762] ^[763] ^[764] ^[765] ^[766] ^[767] ^[768] ^[769] ^[770] ^[771] ^[772] ^[773] ^[774] ^[775] ^[776] ^[777] ^[778] ^[779] ^[780] ^[781] ^[782] ^[783] ^[784] ^[785] ^[786] ^[787] ^[788] ^[789] ^[790] ^[791] ^[792] ^[793] ^[794] ^[795] ^[796] ^[797] ^[798] ^[799] ^[800] ^[801] ^[802] ^[803] ^[804] ^[805] ^[806] ^[807] ^[808] ^[809] ^[810] ^[811] ^[812] ^[813] ^[814] ^[815] ^[816] ^[817] ^[818] ^[819] ^[820] ^[821] ^[822] ^[823] ^[824] ^[825] ^[826] ^[827] ^[828] ^[829] ^[830] ^[831] ^[832] ^[833] ^[834] ^[835] ^[836] ^[837] ^[838] ^[839] ^[840] ^[841] ^[842] ^[843] ^[844] ^[845] ^[846] ^[847] ^[848] ^[849] ^[850] ^[851] ^[852] ^[853] ^[854] ^[855] ^[856] ^[857] ^[858] ^[859] ^[860] ^[861] ^[862] ^[863] ^[864] ^[865] ^[866] ^[867] ^[868] ^[869]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456 6. #123456, 123456 7. #123456, 123456 8. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('f',2)='f 9. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('p',0)='p 10. #123456, 123456//and//1=DBMS_PIPE.RECEIVE_MESSAGE('b',2) 11. #123456, 123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('i',0) 12. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 13. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 14. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 15. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 16. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 17. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 18. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 19. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 20. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 21. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 22. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 23. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 24. #123456, (selectfrom(select+sleep(2)union//select+1)a) 25. #123456, (selectfrom(select+sleep(0)union//select+1)a) 26. #123456, 123456"and"e"="u 27. #123456, 123456"and"k"="k 28. #123456, 123456'and'i'='x 29. #123456, 123456'and'g'='g 30. #123456, 123456//and+0=7 31. #123456, 123456//and+1=1 32. #123456, 123456 33. #123456, 123456 34. #123456, 123456 35. #123456, 123456 36. #123456, 123456 37. #123456, 123456 38. #123456, 123456 39. #123456, 123456 40. #123456, 123456 41. #123456, 123456 42. #123456, 123456 43. #123456, 123456 44. #123456, 123456 45. #123456, 123456 46. #123456, 123456 47. #123456, 123456 48. #123456, 123456'"\( 49. #123456, 123456鎈'"\( 50. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1446780292')))>'0 51. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1445281121'))) 52. #123456, 123456//and//cast(md5('1254753982')as//int)>0 53. #123456, 123456'and(select'1'from//cast(md5(1326516763)as//int))>'0 54. #123456, extractvalue(1,concat(char(126),md5(1177695183))) 55. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1171719355)))and" 56. #123456, 123456'and/*/extractvalue(1,concat(char(126),md5(1428829247)))and' 57. #123456, 123456 58. #123456, 123456 59. #123456, 123456 60. #123456, 123456 61. #123456, 123456 62. #123456, 123456 63. #123456, 123456 64. #123456, 123456 65. #123456, 123456 66. #123456, 123456 67. #123456, <%- 858551502+905729243 %> 68. #123456, 123456 69. #123456, #set($c=973417182+811969802)${c}$c 70. #123456, 123456 71. #123456, ${(945293231+800582692)?c} 72. #123456, ${911002572+833924867} 73. #123456, /1/{{898204778+963804071}} 74. #123456, 123456 75. #123456, 123456 76. #123456, 123456 77. #123456, 123456 78. #123456, 123456 79. #123456, 123456 80. #123456, 123456 81. #123456, 123456 82. #123456, 123456 83. #123456, 123456 84. #123456, 123456 85. #123456, 123456 86. #123456, 123456 87. #123456, 123456 88. #123456, 123456 89. #123456, 123456 90. #123456, 123456 91. #123456, 123456 92. #123456, 123456 93. #123456, 123456 94. #123456, 123456 95. #123456, 123456 96. #123456, 123456 97. #123456, 123456 98. #123456, 123456 99. #123456, 123456 100. #123456, 123456 101. #123456, 123456 102. #123456, 123456 103. #123456, 123456 104. #123456, 123456 105. #123456, 123456 106. #123456, 123456 107. #123456, 123456 108. #123456, 123456 109. #123456, 123456 110. #123456, 123456 111. #123456, ${958341207+992785585} 112. #123456, 123456 113. #123456, 123456 114. #123456, 123456 115. #123456, 123456 116. #123456, 123456 117. #123456, 123456 118. #123456, 123456 119. #123456, 123456 120. #123456, 123456 121. #123456, expr 871796746 + 802295358 122. #123456, 123456 123. #123456, 123456 124. #123456, 123456 125. #123456, 123456&set /A 916235004+866651219 126. #123456, 123456 127. #123456, 123456 128. #123456, 123456 129. #123456, 123456$(expr 870221755 + 945306635) 130. #123456, 123456 131. #123456, 123456 132. #123456, 123456 133. #123456, '-var_dump(md5(309789530))-' 134. #123456, 123456\|expr 818524739 + 869313720 135. #123456, 123456 136. #123456, 123456 137. #123456, 123456 138. #123456, ${@var_dump(md5(954093743))}; 139. #123456, 123456 expr 856117729 + 937519988 140. #123456, 123456 141. #123456, 123456 142. #123456, 123456 143. #123456, 123456 144. #123456, 123456 145. #123456, 123456 146. #123456, 123456 147. #123456, 123456 148. #123456, 123456 149. #123456, 123456 150. #123456, 123456 151. #123456, 123456 152. #123456, 123456 153. #123456, 123456 154. #123456, 123456 155. #123456, 123456 156. #123456, 123456 157. #123456, 123456 158. #123456, 123456 159. #123456, 123456 160. #123456, 123456 161. #123456, 123456 162. #123456, 123456 163. #123456, 123456 164. #123456, 123456 165. #123456, 123456 166. #123456, 123456 167. #123456, 123456 168. #123456, 123456 169. #123456, 123456 170. #123456, 123456 171. #123456, 123456 172. #123456, 123456 173. #123456, 123456 174. #123456, 123456 175. #123456, 123456 176. #123456, 123456 177. #123456, 123456 178. #123456, 123456 179. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('h',2)='h 180. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('z',0)='z 181. #123456, 123456//and//1=DBMS_PIPE.RECEIVE_MESSAGE('m',2) 182. #123456, 123456//and//3=DBMS_PIPE.RECEIVE_MESSAGE('w',0) 183. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 184. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 185. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 186. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 187. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 188. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 189. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 190. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 191. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 192. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 193. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 194. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 195. #123456, (selectfrom(select+sleep(2)union/*/select+1)a) 196. #123456, (selectfrom(select+sleep(0)union//select+1)a) 197. #123456, 123456"and"e"="q 198. #123456, 123456"and"o"="o 199. #123456, 123456'and'o'='f 200. #123456, 123456'and'h'='h 201. #123456, 123456//and+3=5 202. #123456, 123456//and+1=1 203. #123456, 123456 204. #123456, 123456 205. #123456, 123456 206. #123456, 123456 207. #123456, 123456 208. #123456, 123456 209. #123456, 123456 210. #123456, 123456 211. #123456, 123456 212. #123456, 123456 213. #123456, 123456 214. #123456, 123456 215. #123456, 123456 216. #123456, 123456 217. #123456, 123456 218. #123456, 123456 219. #123456, 123456 220. #123456, 123456 221. #123456, 123456 222. #123456, 123456 223. #123456, 123456 224. #123456, 123456 225. #123456, 123456 226. #123456, 123456 227. #123456, 123456 228. #123456, 123456 229. #123456, 123456 230. #123456, 123456 231. #123456, 123456 232. #123456, 123456 233. #123456, 123456 234. #123456, 123456 235. #123456, 123456 236. #123456, 123456 237. #123456, 123456 238. #123456, 123456 239. #123456, 123456 240. #123456, 123456 241. #123456, 123456 242. #123456, 123456 243. #123456, 123456 244. #123456, 123456 245. #123456, 123456 246. #123456, expr 936970968 + 876635028 247. #123456, 123456 248. #123456, 123456&set /A 809531295+842007473 249. #123456, 123456$(expr 854158363 + 967888119) 250. #123456, 123456\|expr 994804743 + 895931588 251. #123456, 123456 expr 998761609 + 862321740 252. #123456, 123456 253. #123456, 123456 254. #123456, 123456 255. #123456, 123456 256. #123456, 123456 257. #123456, 123456 258. #123456, 123456 259. #123456, 123456 260. #123456, 123456 261. #123456, 123456 262. #123456, 123456 263. #123456, 123456 264. #123456, 123456 265. #123456, 123456 266. #123456, 123456 267. #123456, 123456 268. #123456, 123456 269. #123456, 123456 270. #123456, 123456 271. #123456, 123456 272. #123456, 123456 273. #123456, 123456 274. #123456, '-var_dump(md5(321289143))-' 275. #123456, 123456 276. #123456, 123456'"\( 277. #123456, ${@var_dump(md5(924132538))}; 278. #123456, 123456鎈'"\( 279. #123456, 123456 280. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1489832052')))>'0 281. #123456, 123456 282. #123456, 123456 283. #123456, 123456 284. #123456, 123456 285. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1908596118'))) 286. #123456, 123456 287. #123456, 123456 288. #123456, 123456 289. #123456, 123456//and//cast(md5('1987871911')as//int)>0 290. #123456, 123456 291. #123456, 123456 292. #123456, ${952763386+953092344} 293. #123456, 123456'and(select'1'from//cast(md5(1824697560)as//int))>'0 294. #123456, 123456 295. #123456, 123456 296. #123456, extractvalue(1,concat(char(126),md5(1145575268))) 297. #123456, 123456 298. #123456, 123456 299. #123456, 123456 300. #123456, 123456 301. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1927474289)))and" 302. #123456, 123456 303. #123456, 123456 304. #123456, 123456 305. #123456, 123456'and//extractvalue(1,concat(char(126),md5(1426394223)))and' 306. #123456, 123456 307. #123456, 123456 308. #123456, 123456 309. #123456, 123456 310. #123456, 123456 311. #123456, 123456 312. #123456, 123456 313. #123456, 123456 314. #123456, 123456 315. #123456, 123456 316. #123456, 123456 317. #123456, 123456 318. #123456, 123456 319. #123456, 123456 320. #123456, 123456 321. #123456, 123456 322. #123456, 123456 323. #123456, 123456 324. #123456, 123456 325. #123456, 123456 326. #123456, 123456 327. #123456, 123456 328. #123456, 123456 329. #123456, 123456 330. #123456, 123456 331. #123456, 123456 332. #123456, 123456 333. #123456, 123456 334. #123456, 123456 335. #123456, 123456 336. #123456, 123456 337. #123456, 123456 338. #123456, 123456 339. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('w',2)='w 340. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('z',0)='z 341. #123456, 123456//and//4=DBMS_PIPE.RECEIVE_MESSAGE('c',2) 342. #123456, 123456//and//2=DBMS_PIPE.RECEIVE_MESSAGE('k',0) 343. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 344. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 345. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 346. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 347. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 348. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 349. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 350. #123456, 123456//and(select+1//from//pg_sleep(0))>0/*/ 351. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 352. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 353. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 354. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 355. #123456, (selectfrom(select+sleep(2)union/*/select+1)a) 356. #123456, (selectfrom(select+sleep(0)union//select+1)a) 357. #123456, 123456"and"h"="u 358. #123456, 123456"and"n"="n 359. #123456, 123456'and'q'='h 360. #123456, 123456'and'p'='p 361. #123456, 123456//and+2=9 362. #123456, 123456//and+3=3 363. #123456, 123456 364. #123456, 123456 365. #123456, 123456 366. #123456, 123456 367. #123456, 123456 368. #123456, 123456 369. #123456, 123456 370. #123456, 123456 371. #123456, 123456 372. #123456, 123456 373. #123456, 123456 374. #123456, 123456 375. #123456, 123456 376. #123456, 123456 377. #123456, 123456 378. #123456, 123456 379. #123456, 123456 380. #123456, 123456 381. #123456, 123456 382. #123456, 123456 383. #123456, 123456 384. #123456, 123456 385. #123456, 123456 386. #123456, 123456 387. #123456, 123456 388. #123456, 123456 389. #123456, 123456 390. #123456, 123456 391. #123456, 123456 392. #123456, 123456 393. #123456, 123456 394. #123456, 123456 395. #123456, 123456 396. #123456, 123456 397. #123456, 123456 398. #123456, 123456 399. #123456, 123456 400. #123456, 123456 401. #123456, 123456 402. #123456, 123456 403. #123456, 123456 404. #123456, 123456 405. #123456, 123456 406. #123456, 123456 407. #123456, 123456 408. #123456, 123456 409. #123456, 123456 410. #123456, 123456'"\( 411. #123456, 123456 412. #123456, 123456鎈'"\( 413. #123456, 123456 414. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1391233040')))>'0 415. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1754554529'))) 416. #123456, 123456 417. #123456, 123456 418. #123456, 123456//and//cast(md5('1603825245')as//int)>0 419. #123456, 123456 420. #123456, 123456'and(select'1'from//cast(md5(1272158691)as//int))>'0 421. #123456, 123456 422. #123456, extractvalue(1,concat(char(126),md5(1489396028))) 423. #123456, 123456 424. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1967736839)))and" 425. #123456, 123456 426. #123456, 123456 427. #123456, expr 976094587 + 939329232 428. #123456, 123456'and/*/extractvalue(1,concat(char(126),md5(1793485894)))and' 429. #123456, 123456&set /A 889350178+863004594 430. #123456, 123456 431. #123456, 123456$(expr 839127273 + 879758942) 432. #123456, 123456 433. #123456, 123456\|expr 919612519 + 811848756 434. #123456, 123456 expr 867512800 + 996670861 435. #123456, 123456 436. #123456, 123456 437. #123456, 123456 438. #123456, 123456 439. #123456, 123456 440. #123456, 123456 441. #123456, 123456 442. #123456, 123456 443. #123456, 123456 444. #123456, 123456 445. #123456, 123456 446. #123456, 123456 447. #123456, 123456 448. #123456, 123456 449. #123456, 123456 450. #123456, 123456 451. #123456, 123456 452. #123456, 123456 453. #123456, 123456 454. #123456, 123456 455. #123456, 123456 456. #123456, 123456 457. #123456, 123456 458. #123456, 123456 459. #123456, 123456 460. #123456, 123456 461. #123456, 123456 462. #123456, 123456 463. #123456, 123456 464. #123456, 123456 465. #123456, 123456 466. #123456, 123456 467. #123456, 123456 468. #123456, 123456 469. #123456, 123456 470. #123456, 123456 471. #123456, 123456 472. #123456, 123456 473. #123456, 123456 474. #123456, 123456 475. #123456, ${954884465+961363938} 476. #123456, 123456 477. #123456, 123456 478. #123456, 123456 479. #123456, <%- 853611600+828879187 %> 480. #123456, '-var_dump(md5(506813914))-' 481. #123456, 123456 482. #123456, 123456 483. #123456, 123456 484. #123456, #set($c=899039403+951392079)${c}$c 485. #123456, 123456 486. #123456, ${@var_dump(md5(200397862))}; 487. #123456, 123456 488. #123456, 123456 489. #123456, ${(956636018+890937608)?c} 490. #123456, 123456 491. #123456, 123456 492. #123456, 123456 493. #123456, ${841897284+801491254} 494. #123456, 123456 495. #123456, 123456 496. #123456, 123456 497. #123456, /1/{{998828818+924559882}} 498. #123456, 123456 499. #123456, 123456 500. #123456, 123456 501. #123456, 123456 502. #123456, 123456 503. #123456, 123456 504. #123456, 123456 505. #123456, 123456 506. #123456, 123456 507. #123456, 123456 508. #123456, 123456 509. #123456, 123456 510. #123456, 123456 511. #123456, 123456 512. #123456, 123456 513. #123456, 123456 514. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('k',2)='k 515. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('s',0)='s 516. #123456, 123456//and//3=DBMS_PIPE.RECEIVE_MESSAGE('x',2) 517. #123456, 123456//and//3=DBMS_PIPE.RECEIVE_MESSAGE('n',0) 518. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 519. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 520. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 521. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 522. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 523. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 524. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 525. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 526. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 527. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 528. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 529. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 530. #123456, (selectfrom(select+sleep(2)union/*/select+1)a) 531. #123456, (selectfrom(select+sleep(0)union//select+1)a) 532. #123456, 123456"and"g"="i 533. #123456, 123456"and"f"="f 534. #123456, 123456'and'r'='k 535. #123456, 123456'and'z'='z 536. #123456, 123456//and+2=6 537. #123456, 123456//and+2=2 538. #123456, 123456 539. #123456, 123456 540. #123456, 123456 541. #123456, 123456 542. #123456, 123456 543. #123456, 123456 544. #123456, 123456 545. #123456, 123456 546. #123456, 123456 547. #123456, 123456 548. #123456, 123456 549. #123456, 123456 550. #123456, 123456 551. #123456, 123456 552. #123456, 123456 553. #123456, 123456 554. #123456, 123456 555. #123456, 123456 556. #123456, 123456 557. #123456, 123456 558. #123456, 123456 559. #123456, 123456 560. #123456, 123456 561. #123456, 123456 562. #123456, 123456 563. #123456, 123456 564. #123456, 123456 565. #123456, 123456 566. #123456, 123456 567. #123456, 123456 568. #123456, 123456 569. #123456, 123456 570. #123456, 123456 571. #123456, 123456 572. #123456, 123456 573. #123456, 123456 574. #123456, 123456 575. #123456, 123456 576. #123456, 123456 577. #123456, 123456 578. #123456, 123456 579. #123456, 123456 580. #123456, 123456 581. #123456, 123456 582. #123456, 123456'"\( 583. #123456, 123456 584. #123456, 123456 585. #123456, 123456鎈'"\( 586. #123456, 123456 587. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1663735676')))>'0 588. #123456, 123456 589. #123456, 123456 590. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1250040977'))) 591. #123456, 123456 592. #123456, 123456 593. #123456, 123456//and//cast(md5('1145460280')as//int)>0 594. #123456, 123456 595. #123456, 123456'and(select'1'from//cast(md5(1754753224)as//int))>'0 596. #123456, <%- 865455137+969851809 %> 597. #123456, extractvalue(1,concat(char(126),md5(1022114372))) 598. #123456, #set($c=914493731+906109382)${c}$c 599. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1975485256)))and" 600. #123456, ${(818437569+983854434)?c} 601. #123456, 123456'and/*/extractvalue(1,concat(char(126),md5(1309825283)))and' 602. #123456, ${941944329+908923954} 603. #123456, /1/{{924923506+956010199}} 604. #123456, 123456 605. #123456, 123456 606. #123456, 123456 607. #123456, 123456 608. #123456, 123456 609. #123456, 123456 610. #123456, 123456 611. #123456, 123456 612. #123456, 123456 613. #123456, 123456 614. #123456, 123456 615. #123456, 123456 616. #123456, 123456 617. #123456, 123456 618. #123456, 123456 619. #123456, 123456 620. #123456, 123456 621. #123456, 123456 622. #123456, 123456 623. #123456, 123456 624. #123456, 123456 625. #123456, 123456 626. #123456, 123456 627. #123456, 123456 628. #123456, 123456 629. #123456, 123456 630. #123456, 123456 631. #123456, 123456 632. #123456, 123456 633. #123456, expr 921907259 + 842248307 634. #123456, 123456 635. #123456, 123456&set /A 956421062+894997876 636. #123456, 123456 637. #123456, ${871946470+898766107} 638. #123456, 123456$(expr 821594236 + 843949085) 639. #123456, 123456 640. #123456, 123456 641. #123456, 123456 642. #123456, 123456\|expr 959538867 + 877342218 643. #123456, 123456 644. #123456, 123456 645. #123456, 123456 expr 983877778 + 891643049 646. #123456, 123456 647. #123456, 123456 648. #123456, 123456 649. #123456, 123456 650. #123456, 123456 651. #123456, 123456 652. #123456, 123456 653. #123456, 123456 654. #123456, 123456 655. #123456, 123456 656. #123456, 123456 657. #123456, 123456 658. #123456, 123456 659. #123456, 123456 660. #123456, 123456 661. #123456, 123456 662. #123456, 123456 663. #123456, 123456 664. #123456, 123456 665. #123456, 123456 666. #123456, 123456 667. #123456, 123456 668. #123456, 123456 669. #123456, 123456 670. #123456, 123456 671. #123456, 123456 672. #123456, 123456 673. #123456, 123456 674. #123456, 123456 675. #123456, 123456 676. #123456, 123456 677. #123456, 123456 678. #123456, 123456 679. #123456, 123456 680. #123456, 123456 681. #123456, 123456 682. #123456, '-var_dump(md5(330497666))-' 683. #123456, 123456 684. #123456, 123456 685. #123456, 123456 686. #123456, ${@var_dump(md5(722195518))}; 687. #123456, 123456 688. #123456, 123456 689. #123456, 123456 690. #123456, 123456 691. #123456, 123456 692. #123456, 123456 693. #123456, 123456 694. #123456, 123456 695. #123456, 123456 696. #123456, 123456 697. #123456, 123456 698. #123456, 123456 699. #123456, 123456 700. #123456, 123456 701. #123456, 123456 702. #123456, 123456 703. #123456, 123456 704. #123456, 123456 705. #123456, 123456 706. #123456, 123456 707. #123456, 123456 708. #123456, 123456 709. #123456, 123456 710. #123456, 123456 711. #123456, 123456 712. #123456, 123456 713. #123456, 123456 714. #123456, 123456 715. #123456, 123456 716. #123456, 123456 717. #123456, 123456 718. #123456, 123456 719. #123456, 123456 720. #123456, 123456 721. #123456, 123456 722. #123456, 123456 723. #123456, 123456 724. #123456, 123456 725. #123456, 123456 726. #123456, 123456 727. #123456, 123456 728. #123456, 123456 729. #123456, 123456 730. #123456, 123456 731. #123456, 123456 732. #123456, 123456 733. #123456, 123456 734. #123456, 123456 735. #123456, 123456 736. #123456, 123456 737. #123456, 123456 738. #123456, 123456 739. #123456, 123456 740. #123456, 123456 741. #123456, 123456 742. #123456, 123456 743. #123456, 123456 744. #123456, 123456 745. #123456, 123456'"\( 746. #123456, 123456鎈'"\( 747. #123456, 123456'and//convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1566309851')))>'0 748. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('s',2)='s 749. #123456, convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1325509640'))) 750. #123456, 123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('s',0)='s 751. #123456, 123456//and//cast(md5('1947856552')as//int)>0 752. #123456, 123456//and//2=DBMS_PIPE.RECEIVE_MESSAGE('n',2) 753. #123456, 123456'and(select'1'from//cast(md5(1145703335)as//int))>'0 754. #123456, 123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('w',0) 755. #123456, extractvalue(1,concat(char(126),md5(1062914631))) 756. #123456, 123456'and(select+1)>0waitfor//delay'0:0:2 757. #123456, 123456"and//extractvalue(1,concat(char(126),md5(1079995118)))and" 758. #123456, 123456'and(select+1)>0waitfor//delay'0:0:0 759. #123456, 123456'and//extractvalue(1,concat(char(126),md5(1668314927)))and' 760. #123456, 123456//and(select+1)>0waitfor//delay'0:0:2'// 761. #123456, 123456 762. #123456, 123456//and(select+1)>0waitfor//delay'0:0:0'// 763. #123456, <%- 868002804+890466046 %> 764. #123456, 123456'//and(select'1'from//pg_sleep(2))::text>'0 765. #123456, 123456 766. #123456, #set($c=935121259+939838365)${c}$c 767. #123456, 123456'//and(select'1'from//pg_sleep(0))::text>'0 768. #123456, 123456 769. #123456, ${(810115088+958385678)?c} 770. #123456, 123456//and(select+1//from//pg_sleep(2))>0// 771. #123456, ${923173574+887487346} 772. #123456, 123456//and(select+1//from//pg_sleep(0))>0// 773. #123456, 123456 774. #123456, /1/{{997723091+817877923}} 775. #123456, 123456"and(selectfrom(select+sleep(2))a//union//select+1)=" 776. #123456, 123456 777. #123456, 123456"and(selectfrom(select+sleep(0))a//union//select+1)=" 778. #123456, 123456 779. #123456, 123456'and(selectfrom(select+sleep(2))a//union//select+1)=' 780. #123456, 123456'and(selectfrom(select+sleep(0))a//union//select+1)=' 781. #123456, (selectfrom(select+sleep(2)union/*/select+1)a) 782. #123456, 123456 783. #123456, (selectfrom(select+sleep(0)union//select+1)a) 784. #123456, 123456 785. #123456, 123456"and"f"="l 786. #123456, 123456 787. #123456, 123456 788. #123456, 123456"and"o"="o 789. #123456, 123456 790. #123456, 123456 791. #123456, 123456'and'g'='n 792. #123456, 123456 793. #123456, 123456 794. #123456, 123456'and'e'='e 795. #123456, 123456 796. #123456, 123456//and+4=8 797. #123456, 123456 798. #123456, 123456 799. #123456, 123456/**/and+1=1 800. #123456, 123456 801. #123456, 123456 802. #123456, 123456 803. #123456, 123456 804. #123456, 123456 805. #123456, 123456 806. #123456, 123456 807. #123456, 123456 808. #123456, 123456 809. #123456, 123456 810. #123456, 123456 811. #123456, 123456 812. #123456, 123456 813. #123456, 123456 814. #123456, 123456 815. #123456, 123456 816. #123456, 123456 817. #123456, 123456 818. #123456, 123456 819. #123456, 123456 820. #123456, 123456 821. #123456, 123456 822. #123456, 123456 823. #123456, 123456 824. #123456, '-var_dump(md5(639623607))-' 825. #123456, 123456 826. #123456, 123456 827. #123456, ${@var_dump(md5(584382076))}; 828. #123456, 123456 829. #123456, 123456 830. #123456, 123456 831. #123456, 123456 832. #123456, 123456 833. #123456, 123456 834. #123456, 123456 835. #123456, 123456 836. #123456, ${952452161+849443030} 837. #123456, 123456 838. #123456, 123456 839. #123456, 123456 840. #123456, 123456 841. #123456, 123456 842. #123456, 123456 843. #123456, 123456 844. #123456, 123456 845. #123456, 123456 846. #123456, 123456 847. #123456, 123456 848. #123456, 123456 849. #123456, 123456 850. #123456, 123456 851. #123456, 123456 852. #123456, 123456 853. #123456, 123456 854. #123456, 123456 855. #123456, expr 885038233 + 823423033 856. #123456, 123456 857. #123456, 123456 858. #123456, 123456&set /A 887014605+939679193 859. #123456, 123456 860. #123456, 123456 861. #123456, 123456$(expr 871471628 + 990343873) 862. #123456, 123456 863. #123456, 123456\|expr 991414691 + 829270704 864. #123456, 123456 865. #123456, 123456 expr 879706988 + 886473431 866. #123456, 123456 867. #123456, 123456 868. #123456, 123456 869. #123456, 123456
admin	123456 expr 804659186 + 965074135		^[1]					1. #123456, 123456
admin	123456 expr 822925780 + 820648015	^[1]						1. #123456, 123456
admin	123456 expr 912753599 + 952031660				^[1]			1. #123456, 123456
admin	123456 expr 928395317 + 921527238					^[1]		1. #123456, 123456
admin	123456 expr 935228653 + 905176351			^[1]				1. #123456, 123456
admin	123456"and"a"="a				^[1]	^[2]		1. #123456, 123456 2. #123456, 123456
admin	123456"and"a"="u				^[1]			1. #123456, 123456
admin	123456"and"h"="f		^[1]					1. #123456, 123456
admin	123456"and"k"="z			^[1]				1. #123456, 123456
admin	123456"and"l"="z					^[1]		1. #123456, 123456
admin	123456"and"m"="x	^[1]						1. #123456, 123456
admin	123456"and"v"="v			^[1]				1. #123456, 123456
admin	123456"and"w"="w		^[1]					1. #123456, 123456
admin	123456"and"x"="x	^[1]						1. #123456, 123456
admin	123456"and(selectfrom(select+sleep(0))a//union/*/select+1)="	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456"and(selectfrom(select+sleep(2))a//union/*/select+1)="	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1204803399)))and"	^[1]						1. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1470062209)))and"		^[1]					1. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1471493740)))and"			^[1]				1. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1757457440)))and"					^[1]		1. #123456, 123456
admin	123456"and/**/extractvalue(1,concat(char(126),md5(1942697991)))and"				^[1]			1. #123456, 123456
admin	123456$(expr 835505085 + 998240459)					^[1]		1. #123456, 123456
admin	123456$(expr 864423917 + 955469121)				^[1]			1. #123456, 123456
admin	123456$(expr 908732791 + 857896207)			^[1]				1. #123456, 123456
admin	123456$(expr 947129548 + 821614553)	^[1]						1. #123456, 123456
admin	123456$(expr 950437719 + 846011643)		^[1]					1. #123456, 123456
admin	123456&set /A 810645024+905319316	^[1]						1. #123456, 123456
admin	123456&set /A 813540274+838896373				^[1]			1. #123456, 123456
admin	123456&set /A 855174936+821833227					^[1]		1. #123456, 123456
admin	123456&set /A 894338805+869553160			^[1]				1. #123456, 123456
admin	123456&set /A 936973589+972783057		^[1]					1. #123456, 123456
admin	123456'"\(	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456'//and(select'1'from//pg_sleep(0))::text>'0	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456'//and(select'1'from//pg_sleep(2))::text>'0	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('e',2)='e				^[1]			1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('f',0)='f					^[1]		1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('f',2)='f		^[1]					1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('g',0)='g				^[1]			1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('h',0)='h	^[1]						1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('i',2)='i					^[1]		1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('k',2)='k	^[1]						1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('o',0)='o		^[1]					1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('u',0)='u			^[1]				1. #123456, 123456
admin	123456'//and//DBMS_PIPE.RECEIVE_MESSAGE('v',2)='v			^[1]				1. #123456, 123456
admin	123456'and'c'='d		^[1]					1. #123456, 123456
admin	123456'and'g'='g				^[1]			1. #123456, 123456
admin	123456'and'i'='i			^[1]				1. #123456, 123456
admin	123456'and'm'='a				^[1]			1. #123456, 123456
admin	123456'and'm'='s	^[1]						1. #123456, 123456
admin	123456'and'n'='k			^[1]				1. #123456, 123456
admin	123456'and'o'='o		^[1]					1. #123456, 123456
admin	123456'and't'='c					^[1]		1. #123456, 123456
admin	123456'and'u'='u	^[1]						1. #123456, 123456
admin	123456'and'y'='y					^[1]		1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1359397925)as//int))>'0			^[1]				1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1447239847)as//int))>'0				^[1]			1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1534690579)as//int))>'0	^[1]						1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1676734473)as//int))>'0		^[1]					1. #123456, 123456
admin	123456'and(select'1'from//cast(md5(1839848464)as//int))>'0					^[1]		1. #123456, 123456
admin	123456'and(selectfrom(select+sleep(0))a//union/*/select+1)='	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456'and(selectfrom(select+sleep(2))a//union/*/select+1)='	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456'and(select+1)>0waitfor/**/delay'0:0:0	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456'and(select+1)>0waitfor/**/delay'0:0:2	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1054118050')))>'0		^[1]					1. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1079585714')))>'0			^[1]				1. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1357322374')))>'0				^[1]			1. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1368755307')))>'0					^[1]		1. #123456, 123456
admin	123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1905937292')))>'0	^[1]						1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1055495410)))and'		^[1]					1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1290121624)))and'					^[1]		1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1343349688)))and'				^[1]			1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1520019805)))and'			^[1]				1. #123456, 123456
admin	123456'and/**/extractvalue(1,concat(char(126),md5(1803520859)))and'	^[1]						1. #123456, 123456
admin	123456//and(select+1)>0waitfor//delay'0:0:0'/**/	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456//and(select+1)>0waitfor//delay'0:0:2'/**/	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456//and(select+1//from//pg_sleep(0))>0//	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456//and(select+1//from//pg_sleep(2))>0//	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	123456/**/and+0=7				^[1]			1. #123456, 123456
admin	123456/**/and+0=8	^[1]						1. #123456, 123456
admin	123456/**/and+1=1			^[1]	^[2]			1. #123456, 123456 2. #123456, 123456
admin	123456/**/and+1=5		^[1]	^[2]				1. #123456, 123456 2. #123456, 123456
admin	123456/**/and+2=2	^[1]						1. #123456, 123456
admin	123456/**/and+4=4		^[1]			^[2]		1. #123456, 123456 2. #123456, 123456
admin	123456/**/and+4=9					^[1]		1. #123456, 123456
admin	123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('h',0)			^[1]				1. #123456, 123456
admin	123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('u',2)			^[1]				1. #123456, 123456
admin	123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('w',0)					^[1]		1. #123456, 123456
admin	123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('w',2)				^[1]			1. #123456, 123456
admin	123456//and//0=DBMS_PIPE.RECEIVE_MESSAGE('y',0)		^[1]					1. #123456, 123456
admin	123456//and//1=DBMS_PIPE.RECEIVE_MESSAGE('l',0)				^[1]			1. #123456, 123456
admin	123456//and//2=DBMS_PIPE.RECEIVE_MESSAGE('c',2)					^[1]		1. #123456, 123456
admin	123456//and//2=DBMS_PIPE.RECEIVE_MESSAGE('f',2)		^[1]					1. #123456, 123456
admin	123456//and//2=DBMS_PIPE.RECEIVE_MESSAGE('o',2)	^[1]						1. #123456, 123456
admin	123456//and//3=DBMS_PIPE.RECEIVE_MESSAGE('m',0)	^[1]						1. #123456, 123456
admin	123456//and//cast(md5('1091670470')as/**/int)>0				^[1]			1. #123456, 123456
admin	123456//and//cast(md5('1450845019')as/**/int)>0					^[1]		1. #123456, 123456
admin	123456//and//cast(md5('1470840128')as/**/int)>0			^[1]				1. #123456, 123456
admin	123456//and//cast(md5('1564511614')as/**/int)>0		^[1]					1. #123456, 123456
admin	123456//and//cast(md5('1926256947')as/**/int)>0	^[1]						1. #123456, 123456
admin	123456\|expr 903988747 + 838462410		^[1]					1. #123456, 123456
admin	123456\|expr 926161185 + 890244414				^[1]			1. #123456, 123456
admin	123456\|expr 978786633 + 875691199			^[1]				1. #123456, 123456
admin	123456\|expr 982761944 + 976941652	^[1]						1. #123456, 123456
admin	123456\|expr 985567908 + 882044584					^[1]		1. #123456, 123456
admin	123456鎈'"\(	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin	<%- 880728242+871905163 %>				^[1]			1. #123456, 123456
admin	<%- 903051978+965596409 %>		^[1]					1. #123456, 123456
admin	<%- 915460233+983237414 %>					^[1]		1. #123456, 123456
admin	<%- 940430829+817934426 %>			^[1]				1. #123456, 123456
admin	<%- 952279243+985763540 %>	^[1]						1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1038347456')))		^[1]					1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1419597753')))			^[1]				1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1594262978')))					^[1]		1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1793158396')))	^[1]						1. #123456, 123456
admin	convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1926914246')))				^[1]			1. #123456, 123456
admin	expr 807645040 + 924525138		^[1]					1. #123456, 123456
admin	expr 843175312 + 925405913				^[1]			1. #123456, 123456
admin	expr 877886115 + 834038645	^[1]						1. #123456, 123456
admin	expr 888194150 + 910281458					^[1]		1. #123456, 123456
admin	expr 896099451 + 825249522			^[1]				1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1161483970)))		^[1]					1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1253566482)))	^[1]						1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1364914308)))				^[1]			1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1615055692)))			^[1]				1. #123456, 123456
admin	extractvalue(1,concat(char(126),md5(1816947231)))					^[1]		1. #123456, 123456
admin expr 816580575 + 909906718	123456		^[1]					1. #123456, 123456
admin expr 860068331 + 826384909	123456			^[1]				1. #123456, 123456
admin expr 912523545 + 886564289	123456	^[1]						1. #123456, 123456
admin expr 930074984 + 921846443	123456				^[1]			1. #123456, 123456
admin expr 948181284 + 977626109	123456					^[1]		1. #123456, 123456
admin"and"a"="a	123456			^[1]				1. #123456, 123456
admin"and"d"="e	123456		^[1]					1. #123456, 123456
admin"and"e"="e	123456	^[1]						1. #123456, 123456
admin"and"f"="i	123456	^[1]						1. #123456, 123456
admin"and"g"="g	123456		^[1]		^[2]	^[3]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456
admin"and"q"="e	123456					^[1]		1. #123456, 123456
admin"and"y"="c	123456				^[1]			1. #123456, 123456
admin"and"z"="h	123456			^[1]				1. #123456, 123456
admin"and(selectfrom(select+sleep(0))a//union/*/select+1)="	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin"and(selectfrom(select+sleep(2))a//union/*/select+1)="	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1042786548)))and"	123456		^[1]					1. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1075370056)))and"	123456	^[1]						1. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1602353816)))and"	123456				^[1]			1. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1820919604)))and"	123456					^[1]		1. #123456, 123456
admin"and/**/extractvalue(1,concat(char(126),md5(1873128145)))and"	123456			^[1]				1. #123456, 123456
admin$(expr 885518293 + 896725908)	123456	^[1]						1. #123456, 123456
admin$(expr 897316103 + 809923344)	123456				^[1]			1. #123456, 123456
admin$(expr 918321750 + 902871374)	123456			^[1]				1. #123456, 123456
admin$(expr 947199227 + 967238906)	123456		^[1]					1. #123456, 123456
admin$(expr 975482641 + 880709413)	123456					^[1]		1. #123456, 123456
admin&set /A 865247275+839799537	123456				^[1]			1. #123456, 123456
admin&set /A 905203512+816199960	123456			^[1]				1. #123456, 123456
admin&set /A 953574212+870732579	123456	^[1]						1. #123456, 123456
admin&set /A 964798132+941104285	123456		^[1]					1. #123456, 123456
admin&set /A 974279995+996435990	123456					^[1]		1. #123456, 123456
admin'"\(	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin'//and(select'1'from//pg_sleep(0))::text>'0	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin'//and(select'1'from//pg_sleep(2))::text>'0	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('c',2)='c	123456	^[1]	^[2]					1. #123456, 123456 2. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('e',0)='e	123456	^[1]		^[2]				1. #123456, 123456 2. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('f',2)='f	123456					^[1]		1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('m',0)='m	123456					^[1]		1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('r',2)='r	123456				^[1]			1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('u',0)='u	123456		^[1]					1. #123456, 123456
admin'//and//DBMS_PIPE.RECEIVE_MESSAGE('x',0)='x	123456				^[1]			1. #123456, 123456
admin'and'b'='b	123456			^[1]				1. #123456, 123456
admin'and'd'='g	123456		^[1]					1. #123456, 123456
admin'and'g'='h	123456					^[1]		1. #123456, 123456
admin'and'h'='h	123456	^[1]						1. #123456, 123456
admin'and'i'='z	123456			^[1]				1. #123456, 123456
admin'and'l'='v	123456	^[1]						1. #123456, 123456
admin'and'n'='n	123456					^[1]		1. #123456, 123456
admin'and'p'='p	123456		^[1]					1. #123456, 123456
admin'and's'='l	123456				^[1]			1. #123456, 123456
admin'and'u'='u	123456				^[1]			1. #123456, 123456
admin'and(select'1'from//cast(md5(1116931706)as//int))>'0	123456			^[1]				1. #123456, 123456
admin'and(select'1'from//cast(md5(1119625587)as//int))>'0	123456		^[1]					1. #123456, 123456
admin'and(select'1'from//cast(md5(1254026510)as//int))>'0	123456				^[1]			1. #123456, 123456
admin'and(select'1'from//cast(md5(1736218541)as//int))>'0	123456	^[1]						1. #123456, 123456
admin'and(select'1'from//cast(md5(1905932868)as//int))>'0	123456					^[1]		1. #123456, 123456
admin'and(selectfrom(select+sleep(0))a//union/*/select+1)='	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin'and(selectfrom(select+sleep(2))a//union/*/select+1)='	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin'and(select+1)>0waitfor/**/delay'0:0:0	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin'and(select+1)>0waitfor/**/delay'0:0:2	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1152476522')))>'0	123456					^[1]		1. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1210876822')))>'0	123456				^[1]			1. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1634176751')))>'0	123456	^[1]						1. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1817267324')))>'0	123456		^[1]					1. #123456, 123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1887889860')))>'0	123456			^[1]				1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1077976365)))and'	123456				^[1]			1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1159216475)))and'	123456			^[1]				1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1179617810)))and'	123456		^[1]					1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1404281325)))and'	123456					^[1]		1. #123456, 123456
admin'and/**/extractvalue(1,concat(char(126),md5(1617767765)))and'	123456	^[1]						1. #123456, 123456
admin//and//cast(md5('1010057668')as/**/int)>0	123456					^[1]		1. #123456, 123456
admin//and//cast(md5('1029965555')as/**/int)>0	123456				^[1]			1. #123456, 123456
admin//and//cast(md5('1389654680')as/**/int)>0	123456	^[1]						1. #123456, 123456
admin//and//cast(md5('1654072760')as/**/int)>0	123456			^[1]				1. #123456, 123456
admin//and//cast(md5('1927225356')as/**/int)>0	123456		^[1]					1. #123456, 123456
admin\|expr 825983789 + 912802042	123456					^[1]		1. #123456, 123456
admin\|expr 845724069 + 990147799	123456		^[1]					1. #123456, 123456
admin\|expr 952510789 + 848329834	123456	^[1]						1. #123456, 123456
admin\|expr 969352002 + 944437003	123456				^[1]			1. #123456, 123456
admin\|expr 971115669 + 932603192	123456			^[1]				1. #123456, 123456
admin鎈'"\(	123456	^[1]	^[2]	^[3]	^[4]	^[5]		1. #123456, 123456 2. #123456, 123456 3. #123456, 123456 4. #123456, 123456 5. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1282887653')))	123456				^[1]			1. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1367090671')))	123456			^[1]				1. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1405685269')))	123456	^[1]						1. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1533042662')))	123456					^[1]		1. #123456, 123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1974118293')))	123456		^[1]					1. #123456, 123456
expr 855529332 + 870423668	123456				^[1]			1. #123456, 123456
expr 856697545 + 905151990	123456			^[1]				1. #123456, 123456
expr 871084666 + 892721766	123456	^[1]						1. #123456, 123456
expr 959256831 + 956701156	123456		^[1]					1. #123456, 123456
expr 997966919 + 972626306	123456					^[1]		1. #123456, 123456
extractvalue(1,concat(char(126),md5(1676665797)))	123456		^[1]					1. #123456, 123456
extractvalue(1,concat(char(126),md5(1683096955)))	123456	^[1]						1. #123456, 123456
extractvalue(1,concat(char(126),md5(1692807472)))	123456			^[1]				1. #123456, 123456
extractvalue(1,concat(char(126),md5(1870158727)))	123456				^[1]			1. #123456, 123456
extractvalue(1,concat(char(126),md5(1915380211)))	123456					^[1]		1. #123456, 123456
mpolovka		^[1] ^[2]	^[3]		^[4]			1. Passed with SSH command, kerberos ticket issued 2. kinit mpolovka@IPA.TEST kinit: Pre-authentication failed: Invalid argument while getting initial credentials 3. After three incorrect PIN entries, the user is requested to input their password, which is, however, not set up. 4. Enter PIN: <removed the device and input in the PIN> Please touch the device. A problem occurred while generating the credentials. Error registering the key. Command '/usr/libexec/sssd/passkey_child' failed with [1] #
spoore	Fedora-Everything-netinst-x86_64-39-20230920.n.0.iso VM	^[1]	^[2]	^[3]	^[4]			1. kerberos ticket issued with su: k-sh-5.2$ klist klist: Credentials cache 'KCM:169000003' not found -sh-5.2$ su - testuser1 Insert your passkey device, then press ENTER. Enter PIN: Last login: Fri Sep 22 14:19:06 CDT 2023 on pts/0 -sh-5.2$ klist Ticket cache: KCM:169000003:93127 Default principal: testuser1@PASSKEY.TEST Valid starting Expires Service principal 09/22/2023 14:19:29 09/23/2023 14:17:17 krbtgt/PASSKEY.TEST@PASSKEY.TEST 2. I saw no prompt/message about removing/resetting passkey device. Removing and re-inserting however did work to allow the user to authenticate with the correct pin. 3. No message was shown about resetting passkey device. PIN was blocked though and I reset device with "ykman fido reset". A proper unblock procedure should be listed in the test case to make this easier to perform. 4. for my tests, I did not see the system exit either su or ssh when the key was removed. I am using a VM though with the usb device shared.
sumenon	Unchecked 'Passkey' option for the ipauser1 and then login with ssh						^[1]	1. /var/log/sssd/passkey_child.log (2023-09-21 18:39:39): [passkey_child[8087]] [authenticate] (0x0400): Getting assert. (2023-09-21 18:39:40): [passkey_child[8087]] [request_assert] (0x0040): fido_dev_get_assert failed [52]: FIDO_ERR_PIN_AUTH_BLOCKED. [sumenon@fedora ~]$ ssh -l ipauser1@fedora39.test client.fedora39.test (ipauser1@fedora39.test@client.fedora39.test) Kerberos TGT will not be granted upon login, user experience will be affected. Insert your passkey device, then press ENTER.