[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] JavaScript inLine Debugger - The fastest web sites debugger (technique, not a tool)

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] JavaScript inLine Debugger - The fastest web sites debugger (technique, not a tool)
From: SirDarckCat <sirdarckcat@xxxxxxxxx>
Date: Wed, 17 Jan 2007 07:49:28 -0600

JaSiLDBG
JavaScript inLine Debugger
"The Handbook for the fastest debugger"

JavaScript inLine DeBuGger (JaSiLDBG) is a technique, for editing, debuging,
and interacting a web page.

Also helps, for testing javascript scripts (very usefull for testing regular
expresions), making complex calculations, or just to learn javascript, its
use is very simple, in the address bar, you write: javascript: followed by
the script to execute, for example: javascript:alert('Hello World'); will
show you a box, with the text: "Hello World"..

We wrote a document, explaining some of the capacities of this technique,
and in the meantime, we also created some functions in a library that can
help you using JaSiLDBG. The library is named: estigma its instalation, is
very simple, just clicking a bookmark, in any browser that supports
javascript will load it, and you can start using it.

There are also 3 other libraries, that are used for multiple uses, first we
have the library RGraham, it is used basically for simple encoding, and
simple criptoanalysis, but for stronger cryptography, we have Pescadito,
that mainly, allows you to encode strings into base64, RSA, Blowfish, md5,
and sha-1, finally, we have NanoSploit, a exploit framework designed for
explotation of web-level vulnerabilities, with this library, you can search,
load and exploit a vulnerability without leaving the current website.

You can download the document in PDF format here:
http://jasildbg.googlepages.com/en

For other resources concerning this tool go to:
http://www.elhacker.net/jasildbg/

For examples on how to modify flash object properties and variables from
your browser, go to:
http://www.elhacker.net/jasildbg/jueguito.html

There are also Libraries for helping the use of JaSiLDBG like:

Pescadito: Allows you to encript into md4, md5, sha1, blowfish, Rijndael.
Estgima: Allows you to play with the web page, edit is properties and edit
the page from your browser as if you were in FrontPage o DreamWeaver, with a
WYSIWYG interface.
NanoSploit FrameWork: Allows you to Search, Load, and Exploit a web based
vulnerability, without even leaving the website you are visiting.

The Libraries instalation instructions are here:
http://jasildbg.googlepages.com/libraries

Spanish Version here: http://jasildbg.googlepages.com/es

Thats all!

Greetz!!

--
Att.
SirDarckCat@xxxxxxxxx

http://www.google.com/search?q=sirdarckcat

Attachment: JaSiLDBG_en.pdf
Description: Adobe PDF document

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Grab a myspace credential
Next by Date: Re: [Full-disclosure] iDefense Q-1 2007 Challenge
Previous by thread: [Full-disclosure] Fair Exploit Price and Purchase
Next by thread: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor
Index(es):
- Date
- Thread