lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 17 Jan 2007 07:49:28 -0600
From: SirDarckCat <sirdarckcat@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: JavaScript inLine Debugger - The fastest web
	sites debugger (technique, not a tool)

JaSiLDBG
JavaScript inLine Debugger
"The Handbook for the fastest debugger"

JavaScript inLine DeBuGger (JaSiLDBG) is a technique, for editing, debuging,
and interacting a web page.

Also helps, for testing javascript scripts (very usefull for testing regular
expresions), making complex calculations, or just to learn javascript, its
use is very simple, in the address bar, you write: javascript: followed by
the script to execute, for example: javascript:alert('Hello World'); will
show you a box, with the text: "Hello World"..

We wrote a document, explaining some of the capacities of this technique,
and in the meantime, we also created some functions in a library that can
help you using JaSiLDBG. The library is named: estigma its instalation, is
very simple, just clicking a bookmark, in any browser that supports
javascript will load it, and you can start using it.

There are also 3 other libraries, that are used for multiple uses, first we
have the library RGraham, it is used basically for simple encoding, and
simple criptoanalysis, but for stronger cryptography, we have Pescadito,
that mainly, allows you to encode strings into base64, RSA, Blowfish, md5,
and sha-1, finally, we have NanoSploit, a exploit framework designed for
explotation of web-level vulnerabilities, with this library, you can search,
load and exploit a vulnerability without leaving the current website.

You can download the document in PDF format here:
http://jasildbg.googlepages.com/en

For other resources concerning this tool go to:
http://www.elhacker.net/jasildbg/

For examples on how to modify flash object properties and variables from
your browser, go to:
http://www.elhacker.net/jasildbg/jueguito.html

There are also Libraries for helping the use of JaSiLDBG like:

Pescadito: Allows you to encript into md4, md5, sha1, blowfish, Rijndael.
Estgima: Allows you to play with the web page, edit is properties and edit
the page from your browser as if you were in FrontPage o DreamWeaver, with a
WYSIWYG interface.
NanoSploit FrameWork: Allows you to Search, Load, and Exploit a web based
vulnerability, without even leaving the website you are visiting.

The Libraries instalation instructions are here:
http://jasildbg.googlepages.com/libraries

Spanish Version here: http://jasildbg.googlepages.com/es

Thats all!

Greetz!!

-- 
Att.
SirDarckCat@...il.com

http://www.google.com/search?q=sirdarckcat

Content of type "text/html" skipped

Download attachment "JaSiLDBG_en.pdf" of type "application/pdf" (243858 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ