- 博客(1)
- 资源 (10)
- 收藏
- 关注
转载 最新IE远程代码执行漏洞分析
漏洞信息 Internet Explorer 在打开攻击页面时,CMshtmlEd 对象被删除并释放,且释放后的内存被重用,导致 Use-After-Free. 受影响系统: Microsoft Internet Explorer 9.x Microsoft Internet Explorer 8.x Microsoft Internet Explorer 7.x 发布时间: 20
2012-09-23 20:31:09 620
[hook.js]通用Javascript函数钩子
[bool]hook:params{
realFunc[String|must]:用于保存原始函数的函数名称,用于unHook;
hookFunc[Function|must]:替换的hook函数;
context[Object|opt]:目标函数所在对象,用于hook非window对象下的函数,如String.protype.slice,carInstance1
methodName[String|opt]:匿名函数需显式传入目标函数名eg:this.Begin = function(){....};
}
[bool]unhook:params{
realFunc[String|must]:用于保存原始函数的函数名称,用于unHook;
funcName[String|must]:被Hook的函数名称
context[Object|opt]:目标函数所在对象,用于hook非window对象下的函数,如String.protype.slice,carInstance1
}
Examples
var myHook = new Hooks();
myHook.initEnv();
//普通全局函数
var _alert = null;
function myalert(param){console.log("before hook");}
alert.hook("_alert",myalert);
alert.unhook("_alert","alert");
alert(1);
//自定义对象匿名函数
function Person() {
this.getName = function(name) {
alert('Call' + name);
}
}
var p = new Person();
var _p_getName = null;
function mygetName(name){alert("Hooked");}
p.getName.hook("_p_getName",mygetName,p,"getName");
p.getName.unhook("_p_getName","getName",p);
p.getName("pnig0s");
//原型对象函数
var _slice = null;
function myslice(param){alert("Hooked");}
String.prototype.slice.hook("_slice",myslice,String.prototype);
String.prototype.slice.unhook("_slice","slice",String.prototype);
var str = "pnig0s";
str.slice(1);
myHooks.cleanEnv(); //clear hooks
2014-08-21
Retrieve HttpOnly Session Cookie in WebBrowser
In order to help mitigate the risk of cross-site scripting, a new feature has been introduced in Microsoft Internet Explorer 6 SP1. This feature is a new attribute for cookies which prevents them from being accessed through client-side script. A cookie with this attribute is called an HTTP-only cookie.
2014-08-18
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人