SlideShare ist ein Scribd-Unternehmen logo
1 von 48
Downloaden Sie, um offline zu lesen
© 2009 Security-Assessment.com Reversing JavaScript Presented By Roberto Suggi Liverani
Who am I? ,[object Object],[object Object],[object Object],[object Object]
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technology - JavaScript ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technology - JavaScript ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technology - JavaScript ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technology - JavaScript ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technology - JavaScript ,[object Object],[object Object],[object Object],[object Object],[object Object],Type Example Implementation Provided By Governing Standard User-defined Programmer-defined Customer or Circle Programmer None Built-in Array, Math The browser via its JavaScript engine ECMA-262 Browser Window, Navigator The browser None (though some portions adhere to an ad hoc standard) Document Image, HTMLInputElement The browser via its DOM engine W3C DOM
Technology - JavaScript ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technologies - DOM ,[object Object],[object Object],[object Object]
Technologies - DOM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technologies - DOM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technologies - DOM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technologies - DOM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technologies - DOM ,[object Object],[object Object]
Technologies – JavaScript Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technology – JavaScript Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technology – JavaScript Security ,[object Object],URLs Cross – Scripting allowed? Comments http://www.example.com:8080/script1.js NO Port number doesn’t match. http://www.example.com/script2.js http://www.example.com/script1.js NO Protocol type doesn’t match. https://www.example.com/script2.js http://www.example.com/script1.js NO Browser will not perform domain name resolution. http://192.168.0.10/script2.js http://sub.example.com/script1.js NO Subdomains treated as separate domains. http://www.example.com/script2.js http://www.example.com/hello/script1.js YES Domain name is the same. http://www.example.com/bye/script.2.js http://www.example2.com/script1.js NO Different domain names. http://www.example1.com/script2.js
Technologies - Ajax ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technologies - Ajax ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Technologies - Ajax ,[object Object]
Technologies - Ajax ,[object Object]
Technologies - JSON ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[ [ ‘Jeff’, ‘1741024918’, ‘ginger@microsoft.com’ ], [ ‘C Gillingham’, ‘3885193114’, ‘c2004@symantec.com’ ], [ ‘Mike Kemp’, ‘8041148671’, ‘fkwitt@layerone.com’ ], [ ‘Wade A’, ‘5078782513’, ‘kingofbeef@ngssoftware.com’ ] ]
[object Object]
Basics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Reversing – Breakpoint with Firebug
Reversing – Breakpoints and Stack
DOM Analysis
Venkman Debugger
Finding XSS in DOM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Finding XSS in DOM
Finding XSS in DOM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Finding XSS in DOM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
JavaScript and Ajax ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
JavaScript and Ajax
JSON ,[object Object],[object Object],[object Object],[object Object],[object Object],showC ( [ [ ‘test’, ‘1741024918’, ‘test@test.com’ ], [ ‘test2’, ‘3885193114’, ‘test2@test.com’ ], ]);
JSON
JSON ,[object Object],[object Object],[object Object],[object Object],[object Object],<script> function array() { var obj = this; var ind = 0; var getNext = function(x) { obj[ind++] setter = getNext; if (x) alert(‘Data stolen from array:’+x.toString()); } this[ind++] setter = getNext; } <script src=‘http://jsonservice’></script>
JSON ,[object Object],[object Object],[object Object],showC ( [ [ ‘test’, ‘1741024918’, ‘test@test.com’ ], [ ‘test2’, ‘3885193114’, ‘test2@test.com’ ], ]); <script> function showC(a) { alert(a); } </script> <script src=”URLwhichReturnstheJSONabove”></script>
Unpacking/Deofuscating ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Unpacking JavaScript
Case I
Case II
Unpacking/Deofuscating ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Questions? © 2007 Security-Assessment.com http://www.security-assessment.com [email_address]
Resources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
References ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object]

Weitere ähnliche Inhalte

Was ist angesagt?

JavaScript - Chapter 4 - Types and Statements
 JavaScript - Chapter 4 - Types and Statements JavaScript - Chapter 4 - Types and Statements
JavaScript - Chapter 4 - Types and StatementsWebStackAcademy
 
javascript objects
javascript objectsjavascript objects
javascript objectsVijay Kalyan
 
Prototype Utility Methods(1)
Prototype Utility Methods(1)Prototype Utility Methods(1)
Prototype Utility Methods(1)mussawir20
 
Automatically generating-json-from-java-objects-java-objects268
Automatically generating-json-from-java-objects-java-objects268Automatically generating-json-from-java-objects-java-objects268
Automatically generating-json-from-java-objects-java-objects268Ramamohan Chokkam
 
Javascript Basics
Javascript BasicsJavascript Basics
Javascript Basicsmsemenistyi
 
Ios development
Ios developmentIos development
Ios developmentelnaqah
 
Javascript Templating
Javascript TemplatingJavascript Templating
Javascript Templatingbcruhl
 
From C++ to Objective-C
From C++ to Objective-CFrom C++ to Objective-C
From C++ to Objective-Ccorehard_by
 
3.1 javascript objects_DOM
3.1 javascript objects_DOM3.1 javascript objects_DOM
3.1 javascript objects_DOMJalpesh Vasa
 
A Deeper look into Javascript Basics
A Deeper look into Javascript BasicsA Deeper look into Javascript Basics
A Deeper look into Javascript BasicsMindfire Solutions
 
JavaScript introduction 1 ( Variables And Values )
JavaScript introduction 1 ( Variables And Values )JavaScript introduction 1 ( Variables And Values )
JavaScript introduction 1 ( Variables And Values )Victor Verhaagen
 
Objective-C Crash Course for Web Developers
Objective-C Crash Course for Web DevelopersObjective-C Crash Course for Web Developers
Objective-C Crash Course for Web DevelopersJoris Verbogt
 

Was ist angesagt? (20)

JavaScript Basics
JavaScript BasicsJavaScript Basics
JavaScript Basics
 
JavaScript - Chapter 4 - Types and Statements
 JavaScript - Chapter 4 - Types and Statements JavaScript - Chapter 4 - Types and Statements
JavaScript - Chapter 4 - Types and Statements
 
The Xtext Grammar Language
The Xtext Grammar LanguageThe Xtext Grammar Language
The Xtext Grammar Language
 
Ajax
AjaxAjax
Ajax
 
javascript objects
javascript objectsjavascript objects
javascript objects
 
Prototype Utility Methods(1)
Prototype Utility Methods(1)Prototype Utility Methods(1)
Prototype Utility Methods(1)
 
Objective c
Objective cObjective c
Objective c
 
Automatically generating-json-from-java-objects-java-objects268
Automatically generating-json-from-java-objects-java-objects268Automatically generating-json-from-java-objects-java-objects268
Automatically generating-json-from-java-objects-java-objects268
 
Javascript Basics
Javascript BasicsJavascript Basics
Javascript Basics
 
Ios development
Ios developmentIos development
Ios development
 
Google Dart
Google DartGoogle Dart
Google Dart
 
Javascript Templating
Javascript TemplatingJavascript Templating
Javascript Templating
 
Parte II Objective C
Parte II   Objective CParte II   Objective C
Parte II Objective C
 
From C++ to Objective-C
From C++ to Objective-CFrom C++ to Objective-C
From C++ to Objective-C
 
3.1 javascript objects_DOM
3.1 javascript objects_DOM3.1 javascript objects_DOM
3.1 javascript objects_DOM
 
Coding Ajax
Coding AjaxCoding Ajax
Coding Ajax
 
Javascript
JavascriptJavascript
Javascript
 
A Deeper look into Javascript Basics
A Deeper look into Javascript BasicsA Deeper look into Javascript Basics
A Deeper look into Javascript Basics
 
JavaScript introduction 1 ( Variables And Values )
JavaScript introduction 1 ( Variables And Values )JavaScript introduction 1 ( Variables And Values )
JavaScript introduction 1 ( Variables And Values )
 
Objective-C Crash Course for Web Developers
Objective-C Crash Course for Web DevelopersObjective-C Crash Course for Web Developers
Objective-C Crash Course for Web Developers
 

Andere mochten auch

manual de usuario videograbador 4 canales sinrobos.com
manual de usuario videograbador 4 canales sinrobos.commanual de usuario videograbador 4 canales sinrobos.com
manual de usuario videograbador 4 canales sinrobos.comSimon Chaler
 
Participant Portal - Paperless Grant Management | presentation 1/4
Participant Portal - Paperless Grant Management | presentation 1/4Participant Portal - Paperless Grant Management | presentation 1/4
Participant Portal - Paperless Grant Management | presentation 1/4ISERD Israel
 
Presentación Inner Sense
Presentación Inner SensePresentación Inner Sense
Presentación Inner SenseVictor Angel
 
Sunflex Schiebe-Dreh-Systeme SF25 für Terrassenverglasung - jetzt bei Fenster...
Sunflex Schiebe-Dreh-Systeme SF25 für Terrassenverglasung - jetzt bei Fenster...Sunflex Schiebe-Dreh-Systeme SF25 für Terrassenverglasung - jetzt bei Fenster...
Sunflex Schiebe-Dreh-Systeme SF25 für Terrassenverglasung - jetzt bei Fenster...Florian Schmidinger
 
Vortrag "Spend Quality Time with your Data" zum WELT POKAL 2011
Vortrag "Spend Quality Time with your Data" zum WELT POKAL 2011Vortrag "Spend Quality Time with your Data" zum WELT POKAL 2011
Vortrag "Spend Quality Time with your Data" zum WELT POKAL 2011Vizlib Ltd.
 
CIWM-September-2016-Special-Focus
CIWM-September-2016-Special-FocusCIWM-September-2016-Special-Focus
CIWM-September-2016-Special-FocusConversocial
 
Mascotas mundialistas
Mascotas mundialistasMascotas mundialistas
Mascotas mundialistasangierir
 
Negocios electrónicos
Negocios electrónicosNegocios electrónicos
Negocios electrónicosOBS
 
C4 parte 1 perugia 2010 11 04
C4 parte 1 perugia 2010 11 04C4 parte 1 perugia 2010 11 04
C4 parte 1 perugia 2010 11 04Ivan Stefani
 
Ley 135 11 sobre vih-sida en rd
Ley 135 11 sobre vih-sida en rdLey 135 11 sobre vih-sida en rd
Ley 135 11 sobre vih-sida en rdMiguel Simón
 
Socialismo, Socialismo nacional y Facismo
Socialismo, Socialismo nacional y FacismoSocialismo, Socialismo nacional y Facismo
Socialismo, Socialismo nacional y FacismoAaron Flores
 
Diaz tolerancia a eh en cebada inia 2005
Diaz tolerancia a eh en cebada  inia 2005Diaz tolerancia a eh en cebada  inia 2005
Diaz tolerancia a eh en cebada inia 2005Danioteca Surco
 

Andere mochten auch (19)

Instalar magento
Instalar magentoInstalar magento
Instalar magento
 
manual de usuario videograbador 4 canales sinrobos.com
manual de usuario videograbador 4 canales sinrobos.commanual de usuario videograbador 4 canales sinrobos.com
manual de usuario videograbador 4 canales sinrobos.com
 
Participant Portal - Paperless Grant Management | presentation 1/4
Participant Portal - Paperless Grant Management | presentation 1/4Participant Portal - Paperless Grant Management | presentation 1/4
Participant Portal - Paperless Grant Management | presentation 1/4
 
Presentación Inner Sense
Presentación Inner SensePresentación Inner Sense
Presentación Inner Sense
 
De la Agenda 21E al camino escolar - María Sol Mena Rubio
De la Agenda 21E al camino escolar - María Sol Mena RubioDe la Agenda 21E al camino escolar - María Sol Mena Rubio
De la Agenda 21E al camino escolar - María Sol Mena Rubio
 
Physiotherapy methods
Physiotherapy methodsPhysiotherapy methods
Physiotherapy methods
 
Sunflex Schiebe-Dreh-Systeme SF25 für Terrassenverglasung - jetzt bei Fenster...
Sunflex Schiebe-Dreh-Systeme SF25 für Terrassenverglasung - jetzt bei Fenster...Sunflex Schiebe-Dreh-Systeme SF25 für Terrassenverglasung - jetzt bei Fenster...
Sunflex Schiebe-Dreh-Systeme SF25 für Terrassenverglasung - jetzt bei Fenster...
 
Vortrag "Spend Quality Time with your Data" zum WELT POKAL 2011
Vortrag "Spend Quality Time with your Data" zum WELT POKAL 2011Vortrag "Spend Quality Time with your Data" zum WELT POKAL 2011
Vortrag "Spend Quality Time with your Data" zum WELT POKAL 2011
 
CIWM-September-2016-Special-Focus
CIWM-September-2016-Special-FocusCIWM-September-2016-Special-Focus
CIWM-September-2016-Special-Focus
 
Mascotas mundialistas
Mascotas mundialistasMascotas mundialistas
Mascotas mundialistas
 
Negocios electrónicos
Negocios electrónicosNegocios electrónicos
Negocios electrónicos
 
C4 parte 1 perugia 2010 11 04
C4 parte 1 perugia 2010 11 04C4 parte 1 perugia 2010 11 04
C4 parte 1 perugia 2010 11 04
 
Hugo0210
Hugo0210Hugo0210
Hugo0210
 
Ley 135 11 sobre vih-sida en rd
Ley 135 11 sobre vih-sida en rdLey 135 11 sobre vih-sida en rd
Ley 135 11 sobre vih-sida en rd
 
Premio Fonseca formulación magistral 1988
Premio Fonseca formulación magistral 1988Premio Fonseca formulación magistral 1988
Premio Fonseca formulación magistral 1988
 
Dossierde planificación
Dossierde planificaciónDossierde planificación
Dossierde planificación
 
Socialismo, Socialismo nacional y Facismo
Socialismo, Socialismo nacional y FacismoSocialismo, Socialismo nacional y Facismo
Socialismo, Socialismo nacional y Facismo
 
Diaz tolerancia a eh en cebada inia 2005
Diaz tolerancia a eh en cebada  inia 2005Diaz tolerancia a eh en cebada  inia 2005
Diaz tolerancia a eh en cebada inia 2005
 
Gazda final
Gazda finalGazda final
Gazda final
 

Ähnlich wie Reversing JavaScript

JavaScript Basics - GameCraft Training
JavaScript Basics - GameCraft TrainingJavaScript Basics - GameCraft Training
JavaScript Basics - GameCraft TrainingRadoslav Georgiev
 
Introduction to Javascript
Introduction to JavascriptIntroduction to Javascript
Introduction to JavascriptAmit Tyagi
 
INTRODUCTION TO CLIENT SIDE PROGRAMMING
INTRODUCTION TO CLIENT SIDE PROGRAMMINGINTRODUCTION TO CLIENT SIDE PROGRAMMING
INTRODUCTION TO CLIENT SIDE PROGRAMMINGProf Ansari
 
Basics of Java Script (JS)
Basics of Java Script (JS)Basics of Java Script (JS)
Basics of Java Script (JS)Ajay Khatri
 
AJS UNIT-1 2021-converted.pdf
AJS UNIT-1 2021-converted.pdfAJS UNIT-1 2021-converted.pdf
AJS UNIT-1 2021-converted.pdfSreeVani74
 
Angular JS2 Training Session #1
Angular JS2 Training Session #1Angular JS2 Training Session #1
Angular JS2 Training Session #1Paras Mendiratta
 
HSC INFORMATION TECHNOLOGY CHAPTER 3 ADVANCED JAVASCRIPT
HSC INFORMATION TECHNOLOGY CHAPTER 3 ADVANCED JAVASCRIPTHSC INFORMATION TECHNOLOGY CHAPTER 3 ADVANCED JAVASCRIPT
HSC INFORMATION TECHNOLOGY CHAPTER 3 ADVANCED JAVASCRIPTAAFREEN SHAIKH
 
Ajax tutorial
Ajax tutorialAjax tutorial
Ajax tutorialKat Roque
 
Oop2010 Scala Presentation Stal
Oop2010 Scala Presentation StalOop2010 Scala Presentation Stal
Oop2010 Scala Presentation StalMichael Stal
 
Event-driven IO server-side JavaScript environment based on V8 Engine
Event-driven IO server-side JavaScript environment based on V8 EngineEvent-driven IO server-side JavaScript environment based on V8 Engine
Event-driven IO server-side JavaScript environment based on V8 EngineRicardo Silva
 
The Theory Of The Dom
The Theory Of The DomThe Theory Of The Dom
The Theory Of The Domkaven yan
 
Terrastore - A document database for developers
Terrastore - A document database for developersTerrastore - A document database for developers
Terrastore - A document database for developersSergio Bossa
 
JavaScript(Es5) Interview Questions & Answers
JavaScript(Es5)  Interview Questions & AnswersJavaScript(Es5)  Interview Questions & Answers
JavaScript(Es5) Interview Questions & AnswersRatnala Charan kumar
 

Ähnlich wie Reversing JavaScript (20)

JavaScript Basics - GameCraft Training
JavaScript Basics - GameCraft TrainingJavaScript Basics - GameCraft Training
JavaScript Basics - GameCraft Training
 
Introduction to Javascript
Introduction to JavascriptIntroduction to Javascript
Introduction to Javascript
 
Ajax Lecture Notes
Ajax Lecture NotesAjax Lecture Notes
Ajax Lecture Notes
 
INTRODUCTION TO CLIENT SIDE PROGRAMMING
INTRODUCTION TO CLIENT SIDE PROGRAMMINGINTRODUCTION TO CLIENT SIDE PROGRAMMING
INTRODUCTION TO CLIENT SIDE PROGRAMMING
 
JS basics
JS basicsJS basics
JS basics
 
CSC PPT 12.pptx
CSC PPT 12.pptxCSC PPT 12.pptx
CSC PPT 12.pptx
 
Basics of Java Script (JS)
Basics of Java Script (JS)Basics of Java Script (JS)
Basics of Java Script (JS)
 
AJS UNIT-1 2021-converted.pdf
AJS UNIT-1 2021-converted.pdfAJS UNIT-1 2021-converted.pdf
AJS UNIT-1 2021-converted.pdf
 
Angular JS2 Training Session #1
Angular JS2 Training Session #1Angular JS2 Training Session #1
Angular JS2 Training Session #1
 
HSC INFORMATION TECHNOLOGY CHAPTER 3 ADVANCED JAVASCRIPT
HSC INFORMATION TECHNOLOGY CHAPTER 3 ADVANCED JAVASCRIPTHSC INFORMATION TECHNOLOGY CHAPTER 3 ADVANCED JAVASCRIPT
HSC INFORMATION TECHNOLOGY CHAPTER 3 ADVANCED JAVASCRIPT
 
Ajax tutorial
Ajax tutorialAjax tutorial
Ajax tutorial
 
Oop2010 Scala Presentation Stal
Oop2010 Scala Presentation StalOop2010 Scala Presentation Stal
Oop2010 Scala Presentation Stal
 
Java scriptforjavadev part2a
Java scriptforjavadev part2aJava scriptforjavadev part2a
Java scriptforjavadev part2a
 
iOS Application Development
iOS Application DevelopmentiOS Application Development
iOS Application Development
 
Event-driven IO server-side JavaScript environment based on V8 Engine
Event-driven IO server-side JavaScript environment based on V8 EngineEvent-driven IO server-side JavaScript environment based on V8 Engine
Event-driven IO server-side JavaScript environment based on V8 Engine
 
The Theory Of The Dom
The Theory Of The DomThe Theory Of The Dom
The Theory Of The Dom
 
Terrastore - A document database for developers
Terrastore - A document database for developersTerrastore - A document database for developers
Terrastore - A document database for developers
 
Coding Ajax
Coding AjaxCoding Ajax
Coding Ajax
 
js.pptx
js.pptxjs.pptx
js.pptx
 
JavaScript(Es5) Interview Questions & Answers
JavaScript(Es5)  Interview Questions & AnswersJavaScript(Es5)  Interview Questions & Answers
JavaScript(Es5) Interview Questions & Answers
 

Mehr von Roberto Suggi Liverani

Mehr von Roberto Suggi Liverani (13)

I got 99 trends and a # is all of them
I got 99 trends and a # is all of themI got 99 trends and a # is all of them
I got 99 trends and a # is all of them
 
Augmented reality in your web proxy
Augmented reality in your web proxyAugmented reality in your web proxy
Augmented reality in your web proxy
 
Cross Context Scripting attacks & exploitation
Cross Context Scripting attacks & exploitationCross Context Scripting attacks & exploitation
Cross Context Scripting attacks & exploitation
 
Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012
 
None More Black - the Dark Side of SEO
None More Black - the Dark Side of SEONone More Black - the Dark Side of SEO
None More Black - the Dark Side of SEO
 
Bridging the gap - Security and Software Testing
Bridging the gap - Security and Software TestingBridging the gap - Security and Software Testing
Bridging the gap - Security and Software Testing
 
Defending Against Application DoS attacks
Defending Against Application DoS attacksDefending Against Application DoS attacks
Defending Against Application DoS attacks
 
Exploiting Firefox Extensions
Exploiting Firefox ExtensionsExploiting Firefox Extensions
Exploiting Firefox Extensions
 
Black Energy18 - Russian botnet package analysis
Black Energy18 - Russian botnet package analysisBlack Energy18 - Russian botnet package analysis
Black Energy18 - Russian botnet package analysis
 
XPath Injection
XPath InjectionXPath Injection
XPath Injection
 
Web Spam Techniques
Web Spam TechniquesWeb Spam Techniques
Web Spam Techniques
 
Ajax Security
Ajax SecurityAjax Security
Ajax Security
 
Browser Security
Browser SecurityBrowser Security
Browser Security
 

Reversing JavaScript