Re: OT, but stil...

2014-09-03 Thread Claude Schnéegans

 >>They don't call it Malware for nothing

Ok, but if a malware does "mal" to a moron client side, in a pinch, this is not 
our problem, but if it can get passwords so easily, it can also do mal to any 
server any time.
I just got one tonight that allows itself to define cookies under MY domain!
If it can store cookies, it can also read cookies, including session cookies!
With the session Id, it does not even need the password.

I'd like to detect all pieces of javascript code defined in a document and 
check if they are mine.
I was thinking of document.getElementsByTagName, but I'm not even sure all 
parasitic code will actually have a 

Re: OT, but stil...

2014-09-03 Thread J.J. Merrick

They don't call it Malware for nothing :-)

On Wed, Sep 3, 2014 at 8:11 PM,  <> wrote:
>
>  >>so it becomes a part of the client side page request
> "against your will" as it were.
>
> Yes, but this raises a question:
> If my window.onerror can get events from some plugin code, this means that 
> this code is embedded and is treated as if it belonged to my window.
> Thus, it has access to everything in my window, including the document, 
> forms, input fields in the forms, even those containing passwords, etc.
>
> What kind of breach is that?
>
>
> 

~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:359228
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm


Re: OT, but stil...

2014-09-03 Thread Claude Schnéegans

 >>so it becomes a part of the client side page request
"against your will" as it were.

Yes, but this raises a question:
If my window.onerror can get events from some plugin code, this means that this 
code is embedded and is treated as if it belonged to my window.
Thus, it has access to everything in my window, including the document, forms, 
input fields in the forms, even those containing passwords, etc.

What kind of breach is that?




Re: OT, but stil...

2014-09-03 Thread Claude Schnéegans

 >>"against your will" as it were.

Indeed, so I'm considering adding some tests in my "bad bot" detector based on 
some strings seen in javascript errors.
Maybe there is also a way to get the list of all scripts in a page, I'll dig 
into that.

 >>I think your idea is excellent though - a way to trap client side errors and
tease them out and correct them. Nicely done.

Thanks, I've already corrected a couple of bugs.




RE: OT, but stil...

2014-09-03 Thread Mark A Kruger

Claude,

I think that perfectnavigator is an adware (some would say malware) that runs
on browser execution - so it becomes a part of the client side page request
"against your will" as it were.

I think your idea is excellent though - a way to trap client side errors and
tease them out and correct them. Nicely done.

-Mark


-Original Message-
From: Claude Schnéegans

https://in2.perfectnavigator.com/injectScripts/index.php?id=Pj8sNyM
Message : Script error.
User agent : Mozilla/5.0 (Windows NT 6.2; WOW64; rv:31.0) Gecko/20100101
Firefox/31.0
How come this code at in2.perfectnavigator.com (which is not on my server)
can be executed from one of my pages, or at least the error event reported
to one of my pages ?

How about this one from Madagascar?
Template : http://www.youradexchange.com/script/java.php?option=rotateur
Message : Script error.
User agent : Mozilla/5.0 (Windows NT 6.0; rv:31.0) Gecko/20100101
Firefox/31.0
IP = 197.149.47.173 pays = Madagascar

Template : http://www.myDomain.com/ line : 418
Message : 'JSON' is undefined
User agent : Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0;
chromeframe/32.0.1700.107; GTB7.5; .NET CLR 1.1.4322; .NET CLR 2.0.50727;
.NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.3)
This one is in my code, but there is no Javascript at line 418 and JSON is
never used anywhere.


Ah! This one is in my code, very handy to know where to look when there
is a problem on a Mac and you don't have a Mac.
Template :
http://www.myDomain.org/commun/customTags/textEditor/popupresize.js ligne :
72
Message : TypeError: 'undefined' is not a function (evaluating
'Number(frameObject.width)')
User agent : Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4)
AppleWebKit/537.78.2 (KHTML, like Gecko) Version/7.0.6 Safari/537.78.2





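
The checks discussed in this thread (sorting window.onerror reports by where the script came from, and listing the scripts in a page that are not yours), as an added example that is not code from any of the posters. `ALLOWED_ORIGINS` and the function names are hypothetical, and the report objects reuse the URLs quoted in the messages above.

```javascript
// Added example; ALLOWED_ORIGINS and all function names are hypothetical.
// Replace the origins with the ones you actually serve scripts from.
const ALLOWED_ORIGINS = new Set(["http://www.mydomain.com", "http://www.mydomain.org"]);

// Classify a script URL: a <script src> value or the file reported to window.onerror.
function classifySource(src, allowed = ALLOWED_ORIGINS) {
  if (!src) return "inline"; // no URL: an inline block cannot be judged by origin
  let origin;
  try {
    origin = new URL(src).origin; // URL parsing lowercases the host name
  } catch (e) {
    return "unparseable";
  }
  return allowed.has(origin) ? "first-party" : "foreign";
}

// Group error reports so foreign-origin noise is separated from first-party bugs.
// Browsers reduce errors from cross-origin scripts to "Script error." with no
// line number, which is why the foreign reports in the thread carry no detail.
function triageReports(reports, allowed = ALLOWED_ORIGINS) {
  const out = { "first-party": [], foreign: [], inline: [], unparseable: [] };
  for (const r of reports) out[classifySource(r.template, allowed)].push(r);
  return out;
}

// Inventory of external scripts in a document that are not on the allowlist.
// In a browser, pass `document`; run it after load, since scripts can be added late.
function foreignScripts(doc, allowed = ALLOWED_ORIGINS) {
  return Array.from(doc.getElementsByTagName("script"))
    .map((s) => s.src)
    .filter((src) => classifySource(src, allowed) === "foreign");
}

// The four reports quoted in the thread, rebuilt as objects for this example.
const SAMPLE_REPORTS = [
  { template: "https://in2.perfectnavigator.com/injectScripts/index.php?id=Pj8sNyM",
    message: "Script error." },
  { template: "http://www.youradexchange.com/script/java.php?option=rotateur",
    message: "Script error." },
  { template: "http://www.myDomain.com/", line: 418, message: "'JSON' is undefined" },
  { template: "http://www.myDomain.org/commun/customTags/textEditor/popupresize.js",
    line: 72,
    message: "TypeError: 'undefined' is not a function (evaluating 'Number(frameObject.width)')" },
];

const triaged = triageReports(SAMPLE_REPORTS);
console.log(triaged.foreign.map((r) => r.template));
```

A report filed under the page's own URL, like the third one, only says where the browser attributed the error; it does not show that the code is yours, and inline scripts need a different check than an origin comparison.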