JAVASCRIPT - jsunpack - a generic JavaScript unpacker

The Extracted URLs list indicates, with (2 files) for instance, how many decodings or other files were created when trying to decode JavaScript. If this column shows (1 files), it means that there were no decodings and that a static scanner would be just as effective at detecting content. However, if there is more than one file, a decoding likely occurred, and jsunpack can match against additional content. A malicious URL with only (1 files) is less likely to be malicious because attackers commonly hide their content when delivering exploits or other malicious content. The Extracted URLs list displays files grouped by URL, so the original file that triggered the rule and all of the other files are connected to one another. It is more common that the attacker will try to hide content and create 2 or more decodings. Jsunpack was originally designed to handle complicated cases of decoding where there were 5 stages of decoding, although such cases are rare. Generally, the more decoding levels (and therefore files), the more likely the attacker is trying to hide something of value. Thanks for using jsunpack!


FIR XPI - DEV - Force CORS Firefox Extension

A very simple extension for Firefox that adds the Cross Origin Resource Sharing (CORS) Access-Control- HTTP headers to all responses before they're processed by the browser. This essentially disables the browser's same origin policy and allows cross domain calls even if the web server does not support CORS. The default setting adds the following headers to every response:

FLASH - SECURITY - Bypassing JavaScript Filters – the Flash way

This paper relies on the fact that a huge number of web surfers have installed Macromedia Flash plugin/ActiveX control, for an attacker to launch a Cross-site scripting attack. We will not go into a lot of detail in describing Cross-site scripting attacks in general;


CSS / Javascript : Browserhacks : List of browser specific CSS and JavaScript hacks

Browserhacks is an extensive list of browser specific CSS and JavaScript hacks from all over the interwebs. How to: Pick the hack you want. Copy it into your stylesheet. Add the style you want between the braces. Enjoy the new styles for the browser you targete


amf | blog » Flickr group admin hack - a javascript that changes the url of the promote button

Do you know how to interact through all the HTML a tags of the document.body and replace the text in each href attribute using javascript? No? So this page is not for you. Use it at your own risk. It's basically a javascript that changes the url of the promote button so you can click on a user on members tab and that user goes to moderators tab instead of admins tab.


Advanced Greasemonkeying — Yoan Blanc’s weblog

Playing occasionally with Greasemonkey, I ran into recurring problems tied to the architecture of the extension itself. * How to reuse a library already present in the page, * how to process an XML result * or what keeps me from adding a Yahoo!/Google map dynamically. Reusing an existing library (, function, variable)

"CAPTCHA Breaker" or pwntcha - Google Search - John Resig - OCR and Neural Nets in JavaScript

John Resig - OCR and Neural Nets in JavaScript Just google for "CAPTCHA Breaker" or pwntcha and you'd have much more advanced captcha breakers capable of much more. But javascript won't be able to handle ...

Javascript CAPTCHA decoder - MAKE: Blog

It will break CAPTCHAs for Megaupload and automatically trigger a download. The code is designed specifically for this CAPTCHA style, but there's no reason why the getImageData trick combined with an alternate OCR implementation couldn't be used to solve for other systems. This is pretty fascinating stuff. Is there a better (more convenient, harder to cheat) way to prove humanness? What else could you make in Javascript using OCR, neural nets, or per-pixel image processing?

ReCAPTCHA offers an original solution: when spam improves OCR software

The system presents two words to decipher. The first is a known word used to make sure that the person in front of the screen is indeed a human. The second is a word rejected by OCR software, distorted as in a classic CAPTCHA. When a certain number of users have deciphered the second word in the same way, it is validated and can then be substituted into the book digitization process. This method is currently used for the benefit of the Internet Archive, a non-profit association of the Open Content Alliance, to help it in its work of digitizing rights-free content.

OCR + javascript - Character Recognition by Java script - Google Search

Possible use: automatic OCR to decode the distorted CAPTCHA, as in a classic CAPTCHA... For example Megaupload, Rapidshare, etc.

Megaupload Auto-Fill Captcha - Greasemonkey - OCR in Java

Auto-fills the megaupload/megarotic captcha and optionally auto-starts download: Rewritten to do OCR in javascript, auto-submit for captcha form. Warning: This runs methods from unsafeWindow, so don't use it if you don't trust since it's possible to use that to run javascript with more privileges. I might write a GIF decoder to avoid this soon.


Rapidshare Download Delay Bypass – (2008)

Rapidshare Download Delay Bypass Script for bypassing rapidshare countdown. Works with and without javascript. If you get Download-Ticket Not Ready, continue to "reload with POSTDATA" until you get a download dialog. v2.5 - Fixed auto-reload for "download ticket not ready" & removed extra characters in the inserted html. v2.4 - updated for Rapidshare site changes.

