diff --git a/blns.txt b/blns.txt
index e9c16d8..7c27bbd 100644
--- a/blns.txt
+++ b/blns.txt
@@ -342,242 +342,242 @@ Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮ # # Strings which attempt to invoke a benign script injection; shows vulnerability to XSS - -<script>alert('123');</script> - - -"> -'> -> - -< / script >< script >alert(123)< / script > - onfocus=JaVaSCript:alert(123) autofocus -" onfocus=JaVaSCript:alert(123) autofocus -' onfocus=JaVaSCript:alert(123) autofocus -<script>alert(123)</script> -ript>alert(123)ript> ---> -";alert(123);t=" -';alert(123);t=' -JavaSCript:alert(123) -;alert(123); -src=JaVaSCript:prompt(132) -">javascript:alert(1); - - - - - - -'`"><\x3Cscript>javascript:alert(1) -'`"><\x00script>javascript:alert(1) -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -ABCDEF -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -test -`"'> -`"'> -`"'> -`"'> -`"'> -`"'> -`"'> -`"'> -`"'> -`"'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> -"`'> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -XXX - - - - - - + +<script>alert('1');</script> + + +"> +'> +> + +< / script >< script >alert(8)< / script > + onfocus=JaVaSCript:alert(9) autofocus +" onfocus=JaVaSCript:alert(10) autofocus +' onfocus=JaVaSCript:alert(11) autofocus +<script>alert(12)</script> +ript>alert(13)ript> +--> +";alert(15);t=" +';alert(16);t=' +JavaSCript:alert(17) +;alert(18); +src=JaVaSCript:prompt(19) +">javascript:alert(25); + + + + + + +'`"><\x3Cscript>javascript:alert(32) 
+'`"><\x00script>javascript:alert(33) +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +ABCDEF +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +test +`"'> +`"'> +`"'> +`"'> +`"'> +`"'> +`"'> +`"'> +`"'> +`"'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> +"`'> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +XXX + + + + + + -"> - - - - - - - - - - - -perl -e 'print "";' > out - +"> + + + + + + + + + + + +perl -e 'print "";' > out + - + -< +< + # SQL Injection #
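Review bot: The section header comment still only says the strings "attempt to invoke a benign script injection" and does not explain the new per-payload numbering, so someone who sees a dialog showing `17` has no documented way to map it back to the string that executed. I would add a header line such as `#	Each payload passes a unique number to alert()/prompt() so a fired dialog identifies which string executed`. The numbers visible in the new lines (1, 8-13, 15-19, 25, 32, 33) are unique, but the first payload passes the quoted string `'1'` while the others pass bare integers; this looks inherited from the old `'123'`, and it is worth saying whether the difference is intentional. Many payload lines in this view render empty, so the numbering of those could not be checked here.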