Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Script obfuscation, filter evasion, IDS/IPS/WAF bypassing... this is where it should live. Because this topic is too big to live anywhere else. Phj33r! 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Sending arguments to valueOf
Posted by: sirdarckcat
Date: June 22, 2009 09:51PM

Hello

While I was playing on FFx on ways of calling functions without = nor () I encountered a rather weird behavior.

Check it out by yourselves:

String({toString:Function,valueOf:function(x){alert(x)}}) // alerts "string"

String({toString:alert.call,valueOf:function(x){alert(x)}}) // alerts "function"

1*({valueOf:function(x){alert(x)}}) // alerts "number"

I had a couple of other sequences that also send "xml" "undefined" and "object", but I'm rather interested on wtf with the arguments.

Sending arguments to valueOf is "relevant" because that means we could execute code without the use of () nor = nor new if we can send the arguments we want (like sending "eval(name)" to setTimeout).

Anyway, I just wanted to leave this documented somewhere in case it's useful in the future.

Greetz!!

[edit]

just to leave this clear, right NOW this is useless.. just a curiosity

[/edit]

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat



Edited 1 time(s). Last edit at 06/22/2009 09:54PM by sirdarckcat.

Options: ReplyQuote


Sorry, only registered users may post in this forum.