I found a nice variation which allows multiple types of encoding without performing eval twice on the string. The code works using the Script function, and because of this the code is rewritten by the JavaScript engine, which converts the Unicode into standard text.
First a base of Unicode is used, “\u0061\u006c\u0065\u0072\u0074\u0028\u0031\u0029”, then each section [...]
I found this quite interesting: calling the find function in Firefox without parameters displays a dialog box. Calling it multiple times displays loads of find windows.
for(i=0;i<100;i++) {
find();
}
I’m a big fan of strange-looking JavaScript and using the syntax in ways it wasn’t intended, so I can understand the internals of what’s going on. Tonight I was having trouble sleeping and I decided to try and bypass the PHPIDS. I found that Firefox lets you use getters with unassigned variables and returns [...]
I haven’t posted for a while as I’ve been busy but I thought I’d post about object cloning because it’s a useful tip and can be used in many situations like browser hacking or general web development. I posted this to the sla.ckers forum a while ago but in case you missed it here goes….
When [...]
I’ve updated the source and it now includes friendly variable/function creation so they are easier to read than pure random data. Thanks to Agente Naranja for the suggestion! I’ve fixed plenty of bugs and included many customisation options; each site using it should change the configuration of the CAPTCHA to make it easier or harder to [...]
JavaScript contains hidden properties in many objects. I first discovered this when DoctorDan from the slackers forum demonstrated a technique to get the text from a regular expression object without specifying the source property. Later I found a post by John Resig about weird IE behavior, again with -1 properties.
So I decided to experiment [...]
Finding a pattern in malicious JavaScript is difficult; it’s possible to selectively change the source code yet still execute the same payload. There are many ways to morph JavaScript and I shall go through a few of the possibilities and provide examples through Hackvertor (which now supports code morphing).
In order for a pattern to [...]
As a technical challenge, and maybe in future to allow Hackvertor to execute JavaScript code from the user, I decided to create a JavaScript sandbox.
It works by first running the code through a new Function constructor and toSource; the reason for this is that Firefox actually converts the code supplied, e.g. ‘te\st’ becomes ‘test’ [...]
Simplicity is always the best policy
I’ve finally and completely (I hope) fixed nested tags. This was an absolute nightmare to solve because the engine kept matching the wrong sets of tags. For example, if you placed the following tags in Hackvertor:-
<hex_ent><hex_ent>test</hex_ent></hex_ent>
Hackvertor wouldn’t know which one it should convert first; the way to actually solve the [...]
Ronald and I had a good conversation about JavaScript regular expressions, comparing them to PHP. He was having difficulty with the syntax because he was used to preg in PHP, so I promised to share my knowledge gained from developing various online scripts.
First up, preg_match in PHP can be achieved using the match function in [...]