史上最不安全的浏览器——Dangerous Browser收藏
| 旧一篇: VC调用 JavaScript 难题:如何使当前程序的对象进入脚本
<script>function StorePage(){d=document;t=d.selection?(d.selection.type!='None'?d.selection.createRange().text:''):(d.getSelection?d.getSelection():'');void(keyit=window.open('http://www.365key.com/storeit.aspx?t='+escape(d.title)+'&u='+escape(d.location.href)+'&c='+escape(t),'keyit','scrollbars=no,width=475,height=575,left=75,top=20,status=no,resizable=yes'));keyit.focus();}</script>浏览器市场一向强调安全性。但是安全往往与功能强大是矛盾的。Dangerous Browser 功能强大,但也是最不安全的。Dangerous Browser 可以运行PHP脚本,可以创建标准的 PHP5 内置对象;它可以在后门运行强化后的Javascript,这样的Javascript 可以创建 FileSystemObject 和 OpenTextFile,CreateTextFile 访问本地文件,甚至它可以调用任何 Windows API,去创建标准的 Windows 窗口,完成只有客户端程序才能完成的功能。(下载:本浏览器源码)
一、界面
二、主要脚本代码
1 PHP 代码 主要功能:创建一个 VCL 的 TForm,在该 Form 中添加一个按钮,为 Form 添加OnClick响应代码,响应效果是使 Caption 的文字为 "Clicking a VCL TForm",为按钮的OnClick响应代码的效果也是改变内容为"Clicking a VCL TButton" 。
class
first_class{
var $name = " php file class " ;
function setName( $n ){
$this -> name = $n ;
}
function sayHello(){
print " my name is $this ->name<BR> " ;
}
}
function OnFormClick( $sender ) {
$sender -> Caption = " Clicking a VCL TForm " ;
}
function OnButtonClick( $sender ) {
$sender -> Caption = " Clicking a VCL TButton " ;
}
$ds = new dsRE();
// call VCL
$ds -> UsingClass( " TForm " );
$form = new TForm( null );
$ds -> RegistMethod( " OnFormClick " , $form , " OnClick " );
$ds -> UsingClass( " TButton " );
$button = new TButton( $form );
$ds -> RegistMethod( " OnButtonClick " , $button , " OnClick " );
$button -> Left = 20 ;
$button -> Top = 30 ;
$button -> Width = 200 ;
$button -> Parent = $form ;
$button -> Caption = " Button1 " ;
$form -> Show();
$form -> Caption = " I am a VCL TForm " ;
$ds -> Share( $form , "
var $name = " php file class " ;
function setName( $n ){
$this -> name = $n ;
}
function sayHello(){
print " my name is $this ->name<BR> " ;
}
}
function OnFormClick( $sender ) {
$sender -> Caption = " Clicking a VCL TForm " ;
}
function OnButtonClick( $sender ) {
$sender -> Caption = " Clicking a VCL TButton " ;
}
$ds = new dsRE();
// call VCL
$ds -> UsingClass( " TForm " );
$form = new TForm( null );
$ds -> RegistMethod( " OnFormClick " , $form , " OnClick " );
$ds -> UsingClass( " TButton " );
$button = new TButton( $form );
$ds -> RegistMethod( " OnButtonClick " , $button , " OnClick " );
$button -> Left = 20 ;
$button -> Top = 30 ;
$button -> Width = 200 ;
$button -> Parent = $form ;
$button -> Caption = " Button1 " ;
$form -> Show();
$form -> Caption = " I am a VCL TForm " ;
$ds -> Share( $form , "