[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <8ba534860701170549k226b996cice2d20ff89fccc67@mail.gmail.com>
Date: Wed, 17 Jan 2007 07:49:28 -0600
From: SirDarckCat <sirdarckcat@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: JavaScript inLine Debugger - The fastest web
sites debugger (technique, not a tool)
JaSiLDBG
JavaScript inLine Debugger
"The Handbook for the fastest debugger"
JavaScript inLine DeBuGger (JaSiLDBG) is a technique, for editing, debuging,
and interacting a web page.
Also helps, for testing javascript scripts (very usefull for testing regular
expresions), making complex calculations, or just to learn javascript, its
use is very simple, in the address bar, you write: javascript: followed by
the script to execute, for example: javascript:alert('Hello World'); will
show you a box, with the text: "Hello World"..
We wrote a document, explaining some of the capacities of this technique,
and in the meantime, we also created some functions in a library that can
help you using JaSiLDBG. The library is named: estigma its instalation, is
very simple, just clicking a bookmark, in any browser that supports
javascript will load it, and you can start using it.
There are also 3 other libraries, that are used for multiple uses, first we
have the library RGraham, it is used basically for simple encoding, and
simple criptoanalysis, but for stronger cryptography, we have Pescadito,
that mainly, allows you to encode strings into base64, RSA, Blowfish, md5,
and sha-1, finally, we have NanoSploit, a exploit framework designed for
explotation of web-level vulnerabilities, with this library, you can search,
load and exploit a vulnerability without leaving the current website.
You can download the document in PDF format here:
http://jasildbg.googlepages.com/en
For other resources concerning this tool go to:
http://www.elhacker.net/jasildbg/
For examples on how to modify flash object properties and variables from
your browser, go to:
http://www.elhacker.net/jasildbg/jueguito.html
There are also Libraries for helping the use of JaSiLDBG like:
Pescadito: Allows you to encript into md4, md5, sha1, blowfish, Rijndael.
Estgima: Allows you to play with the web page, edit is properties and edit
the page from your browser as if you were in FrontPage o DreamWeaver, with a
WYSIWYG interface.
NanoSploit FrameWork: Allows you to Search, Load, and Exploit a web based
vulnerability, without even leaving the website you are visiting.
The Libraries instalation instructions are here:
http://jasildbg.googlepages.com/libraries
Spanish Version here: http://jasildbg.googlepages.com/es
Thats all!
Greetz!!
--
Att.
SirDarckCat@...il.com
http://www.google.com/search?q=sirdarckcat
Content of type "text/html" skipped
Download attachment "JaSiLDBG_en.pdf" of type "application/pdf" (243858 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists