Use the following code:
<Script type = "text/jscript">
Function init (){
Document. write ("The time is:" + Date ());
}
Window. onload = init;
</Script>
This code can be used to hide the html code in front of the Web page. After running the code, you can only see the code executed in the javascript statement.
The source code of the website cannot be seen again after refresh, and any code can be executed using javascript.
It is the best time to get a Trojan horse.
Test method:
<H1> ncph of something <I> before </I>
<Br> the <B> JavaScript </B>... ncphncph
<Script type = "text/jscript">
Function init (){
Document. write ("The time is now:" + Date ());
}
Window. onload = init;
</Script>
And <u> ncph of something </u> after the <B> JavaScript </B>
Save the above Code as an html page.
If you only see the time above, it proves that your ie also has this vulnerability. (What about the code above and below? ^. ^)
I believe that anyone who understands the html language knows how to use it.
This vulnerability exists in more than 90% of Internet Explorer instances.
The test passed in xp sp2 2000 sp4 2003sp1.
By rose of ncph studio