Archives for the Month of May, 2009

Astalanumerator baby

I wanted to map all properties in javascript and inspect them regardless if they were objects or not. IE doesn’t support for(i in..) for native properties like constructor etc. So I decided to write a cross platform enumerator that could map everything. I decided to call it “Astalanumerator” as a silly reference to terminator combined […]

Hackvertor obfuscated code tutorial

I thought I’d post a quick tutorial on how Hackvertor can be used to decode obfuscated javascript. This is based on a real request on sla.ckers. I’ll walk you through the code and tidy it up and show you how to use the advanced tags to easily decode the encoded string. Warning disclaimer Do not […]

Three-Strikes and you’re DOSd

You may have heard about the Three-Strikes law proposal that has been suggested as a way to end copyright infringement. If you think about it for a minute, it could be the ultimate way to create a DOS attack. Web pages could abuse this system to ban you from the internet by using iframes or […]

Opera XSS vectors

It turns out I was right. Originally I thought the protocols reported by my javascript fuzzer were false positives but as like lots of my code it seems to know better than me 🙂 I tested the context of the vectors in a normal HTML link which didn’t work correctly. But I was messing with […]