parsing probably injected javascript

A

anon

hi,

i've java script code taken from the html of a wordpress site.

it looks to be cross-site scripting that decodes itself and
redirects to another site.

i've got it because infected html was sent to me.

i'd like to know that it didn't do more than re-direct me but
i don't know java script well enough to decode it

it looks like its running a simple multiply algorithm against
each char of a string, then concatenating the result to a result
string to be executed.

total char. count in script: approx. 560 chars. the var string
decoded is approx 290 chars.

two things, 1. anyone here interested in looking at it and
saying what it does, and 2. what does the community think of
posting injection code for this purpose in this group?



regards,
 
O

Owen Jacobson

hi,

i've java script code taken from the html of a wordpress site.

it looks to be cross-site scripting that decodes itself and
redirects to another site.

i've got it because infected html was sent to me.

i'd like to know that it didn't do more than re-direct me but
i don't know java script well enough to decode it

it looks like its running a simple multiply algorithm against
each char of a string, then concatenating the result to a result
string to be executed.

total char. count in script: approx. 560 chars. the var string
decoded is approx 290 chars.

two things, 1. anyone here interested in looking at it and
saying what it does, and 2. what does the community think of
posting injection code for this purpose in this group?

regards,

Since Javascript is completely off-topic here, it's not really
appreciated. Try comp.lang.javascript - they have some really smart
people there who can probably figure it out.

-o
 
K

Kevin McMurtrie

anon <[email protected]> said:
hi,

i've java script code taken from the html of a wordpress site.

it looks to be cross-site scripting that decodes itself and
redirects to another site.

i've got it because infected html was sent to me.

i'd like to know that it didn't do more than re-direct me but
i don't know java script well enough to decode it

it looks like its running a simple multiply algorithm against
each char of a string, then concatenating the result to a result
string to be executed.

total char. count in script: approx. 560 chars. the var string
decoded is approx 290 chars.

two things, 1. anyone here interested in looking at it and
saying what it does, and 2. what does the community think of
posting injection code for this purpose in this group?



regards,

Wrong group. JavaScript used in browsers has nothing to do with the
Java programming language.

Post the hack in a javascript newsgroup. Only a fool uses a mail or
Usenet client that executes scripts.
 
A

anon

Wrong group. JavaScript used in browsers has nothing to do with the
Java programming language.

Post the hack in a javascript newsgroup. Only a fool uses a mail or
Usenet client that executes scripts.


i don't believe i'd name every person ignorant
of a significant detail commonly known within
a specality a fool, but i agree: the risk you
imply exists does exist; in any event, its good
to know that i am not in the group you are talk-
ing about, wordpress being a blogging application
and all.

:)

don't mind me,i am just tired and having some fun.

i'll go now.

thank you for your direction.


regards,
 
A

anon

Since Javascript is completely off-topic here, it's not really
appreciated. Try comp.lang.javascript - they have some really smart
people there who can probably figure it out.


thanks.


regards,
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top