Featured vector
Chrome 0.0
<!-- sample vector --> <img src=xx:xx 0x20onerror=alert(1)>
<!-- sample vector --> <img src=xx:xx 0x20onerror=alert(1)>
Fuzz vector cloud
Anchor Attributes CSS Closing Comments HTML HTML5 JavaScript Property Protocol Script URL XSS attribute bla bypass challenge char comment data encoding entities entity event events flash for fun handler href img innerHTML navigateURL onload prompt properties regex space src string strings style svg tag tags test testing uri waf xml
3,424,392 Successful fuzzes
Fuzz Vectors
Searching for "string"
Your browser identified asGeneral Crawlers unknown
All vectors
| Description | Vector | Created by |
|---|---|---|
| Characters that close strings in chrome 2 | <!-- sample vector --> <script>var test = 'test*chr*;logChr(*num*);</script> | @Nomicon3 |
| String quotes in JS context | <script>s*num* = *chr**num**chr*;if (typeof s*num* == "string" && s*num* == "*num*") logChr(*num*);</script> | @blubbfiction |
| Characters that start JavaScript double quote strings | <script> *chr*"; logChr(*num*) </script> | @peksa |
| Characters that result in multiline strings | <script> var a = "*chr* "; logChr(*num*); </script> | @tifkin_ |
| Characters allowed after string multiline separator | <script> var x = "asdf\*chr* asdf"; logChr(*num*); </script> | @tifkin_ |
| String variables | <script> props=props.concat(Object.getOwnPropertyNames(window)); for(var i=-100;i<100;i++) { props.push(i); } props.forEach(function(){ if(''[arguments[0]])customLog(arguments[0]); }) </script> | @garethheyes |
| Characters eating backslash in javascript string 2 | <script>if("x\*chr*".length==2) { log(*num*);}</script> | @mhswende |
| Characters eating backslash in javascript string | <script>if("x\*chr*".length==1) { log(*num*);}</script> | @mhswende |
| Characters ignored inside javascript string v2 | <script>if("x*chr*x" == "xx") { log(*num*);}</script> | @mhswende |
| Uncode sequences generating illegitimate ASCII | <script> "\ud83d\u*hex4*".match(/.*<.*/) ? log(*num*) : null; </script> | @0x6D6172696F |
| Characters consuming backslashes and breaking JS strings | <script>a='abc\*chr*\';log(*num*)//def';</script> | @0x6D6172696F |
| Characters breaking CSS strings allowing expression | "'`>ABC<div style="font-family:'foo*chr*;x:expression(log(*num*));/*';">DEF | @0x6D6172696F |
| Characters ending CSS values allowing expressions | "'`>ABC<div style="font-family:'foo'*chr*x:expression(log(*num*));/*';">DEF | @0x6D6172696F |