Sla.ckers.org
Bug reports, feature enhancements or other complaints with the site, with us or just tell us what a miserable existence you have. No death threats or poetry please. Just kidding, no poetry please.

3 years ago
holiman
A few semi-colons were missing. Bookmarklet: javascript:window.WebSocket = function(oldWebSocket) {return function WrappedWebSocket(loc){this.prototype=new oldWebSocket(loc);this.__proto__=this.prototype;var wrapper=this;this.onmessage=function(message){var data = prompt("Receiving data",message.data);wrapper.trueonmessage({data: data});};this.__defineSetter__('onmessage', functio
Forum: Networking
3 years ago
holiman
Gareth Heyes Wrote:
-------------------------------------------------------
> oooo sweet much more sexier now :D
>
> btw backtracking a bit did you try the technique
> mentioned earlier with the Object.prototype
> instead of the WebSocket prototype that could work
> for getting message

Yes, I mentioned it above: Object.defineProperty(window.WebSocket.prototype, 'onm
Forum: Networking
3 years ago
holiman
One annoying thing is that I seem to be unable to set the message.data directly, which is why I am sending a {data:data}-object into the "trueonmessage"-function. Not happy about that..
Forum: Networking
3 years ago
holiman
Thanks a bunch! Here is the websocket-tampering super-mega-framework in all its entirety and glory:
    window.WebSocket = function(oldWebSocket) {
        return function WrappedWebSocket(loc) {
            this.prototype=new oldWebSocket(loc);
            this.__proto__=this.prototype;
            var wrapper=this;
            this.onmessage=function(message) {
                var data = prompt("Receiving data",message.data);
Forum: Networking
3 years ago
holiman
ps. How do I add code formatting to my posts?
Forum: Networking
3 years ago
holiman
I just made this more complete wrap:
    var oldWebSocket=window.WebSocket;
    function WrappedWebSocket(loc) {
        this.prototype=new oldWebSocket(loc);
        this.__proto__=this.prototype;
        var wrapper=this;
        this.onmessage=function(message) {
            var data = prompt("Receiving data",message.data);
            wrapper.trueonmessage({data:data});
        }
        this.__defineSetter__('onmessage', function(val){
Forum: Networking
3 years ago
holiman
I got it!
    // Performed only once
    var oldWebSocket=window.WebSocket;
    function WrappedWebSocket(loc) {
        this.ws=new oldWebSocket(loc);
        this.__defineSetter__('onmessage', function(val) { alert(val); });
    }
    window.WebSocket=WrappedWebSocket
    //Example of application trying to use websocket
    x=new WebSocket("ws://localhost:8080/ws/");
    x.onmessage=function(){alert(2);}
Forum: Networking
3 years ago
holiman
This piece of code is not dependent on jetty, can be tested in the chrome console. I don't know why it does not work, but I am no guru either... :
    window.WebSocket.prototype.__defineSetter__('onmessage', function(val) { alert(val); });
    x=new WebSocket("ws://localhost:8080/ws/");
    x.onmessage=function(){alert(2);}
Forum: Networking
3 years ago
holiman
Nope, these do not seem to work.
    window.WebSocket.prototype.__defineSetter__('onmessage', function(val) { alert(val); });
    room._ws.onmessage=function(data){alert(data)};
    ==> Nothing shows
    room._ws.__defineSetter__('onmessage', function(val) { alert(val); });
    room._ws.onmessage=function(data){alert(data)};
    ==> Alerts the new function
The prototype does not seem to be called whe
Forum: Networking
3 years ago
holiman
I have been experimenting a bit with websockets, mostly to intercept and tamper with websocket traffic. In order to do so, I am using Jetty and the default chat-application which is bundled in the release ( > 7.0). I use google chrome as a browser. Anyway, I am testing approaches to, on the client side, tamper with data a) before it is sent to the server and b) when it is received, befo
Forum: Networking
3 years ago
holiman
A while ago I wrote a blawgpost about a new NSE-script I wrote an even longer while ago, which can be used to dump out the contents of an RMI registry found during nmap scan: http://www.swende.se/index.php/2010/12/dumping-the-rmi-registry-with-nmap/
Forum: News and Links
4 years ago
holiman
This thread contains postings from no less than three guys who will be presenting on the Appsec Conference in Stockholm! Cool! (sirdarckat, thornmaker and jonas) @Jonas : I read the paper by Phung/Sands/Chudrov about "Lightweight Self-protecting javascript" last summer and thought that you guys would probably find some of these sla.ckers-threads pretty fun...
Forum: Obfuscation
4 years ago
holiman
Thanks all! (I wonder when they will start with Nobel Prize in Computer Science .. probably sooner than Nobel Prize in Hacking, anyway)
Forum: Obfuscation
4 years ago
holiman
@Jonas: I'll be there - I'm in the organizing committee (my real name is Martin Holst Swende). However, there's a big IF : the ETA of our daughter #2 is June 29th, so if she's a week early I will miss the whole show... Anyway: currently I am fixing for the dinner party, which will be held at city hall (Yeahp! Same place where the nobel prize dinner is held! (but a smaller room: The Golden Hall)
Forum: Obfuscation
4 years ago
holiman
@sirdarckat : very good question. When that particular challenge-item was written, nobody really considered the domain aspects of xhr. Therefore, we are now changing that rule to better suit the overall objective of getting a polyglot that is less context-depending. To all: Our sincere apologies for having fuzzy rules and also changing the rules in the middle of the race! Hope you bear with us
Forum: OMG Ponies
4 years ago
holiman
Regarding time-issue, after some input from John, we decided that the solution should not be tied to any particular server (since it should be able to be used in any context as a showcase). So, the javascript should get the time from the client machine and calculate stockholm time from that (best-effort). Sorry about all the confusion about the rules!
Forum: OMG Ponies
4 years ago
holiman
> can you clarify whether xhr is allowed to fulfill the quine requirement?

Yes, xhr is allowed!

> For the time in Sweden part, which is preferred: hard-coding a server into the GIF so the image itself is more portable... or... not hard-coding any domain so that the image assumes the present server will have the time in some manner? The second option seems less reliable since hosting se
Forum: OMG Ponies
4 years ago
holiman
I validated both your latest submissions, the colours passed the test. You both got the size down quite a bit!
Forum: OMG Ponies
4 years ago
holiman
Sorry we haven't answered the questions earlier, I have some problems connecting to *.ckers.org from home (for some reason, I need to tunnel somewhere else and connect from there - perhaps my isp is blocking it).
1. Should the JS execute in multiple browsers? FF is the target. We will only validate that it works on FF, but bonus points if the solution is poly-browser.
2. Is it okay for th
Forum: OMG Ponies
4 years ago
holiman
@SW : Yes, we are talking about byte size : one restriction is to *not* bloat the file. And, the logical size of the gif image must be preserved. Nice first shot! I see alerts showing time- but the filename indicates quines also. Is that implemented?
Forum: OMG Ponies
4 years ago
holiman
@Gareth: I wouldn't call it solved. It is a multistep challenge, one of which is to create a quine, and meet the size constraints.
Forum: OMG Ponies
4 years ago
holiman
I usually check out the rss feed-page to see what is new, and browse through it all to see what is interesting. So far so good. But couldn't you guys put together a page with similar functionality of displaying everything recent that also :
- Shows the names of the authors
- Marks the entries as read
- Can be navigated to see even older messages than just the last X messages
Forum: Bugs
4 years ago
holiman
We planned to announce the winner and release the solution after the holidays, but since it is out in the open anyway now; Yes, we have a winner: Andreas Fobian, who also graciously wrote the walkthrough mentioned above. Congratulations! I am impressed by how quick it was solved!
Forum: OMG Ponies
4 years ago
holiman
The correct answer is *not* "The magic parenthesis of Antiochia!"
Forum: OMG Ponies
4 years ago
holiman
New challenge posted. From the OWASP wiki (http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden ) : --- Merry Christmas everyone! It's the 21st and a new AppSec Research Challenge is posted. Setting up the AppSec Research 2010 X-mas Challenge was a cooperative effort by the winner of AppSec Research Challenge 3, Mario Heiderich, and Martin Holst Swende. It is a multi
Forum: OMG Ponies
5 years ago
holiman
The winner is posted, congratulations sdc! John/Manjit official post below : --- The winner of the AppSec Research 2010 October Challenge is (... drumroll ...) FireworksIsNotABrowser_v4 (although we like the slightly oversized v6 better)! Runner-up is TommyM_3D_Wave_v1.1. Thanks for all the hard work, guys! Can "sirdarckcat" please email me? OC votes for FireworksIsNotABrowser_v4:
Forum: OMG Ponies
5 years ago
holiman
Wow, there are some really cool submissions here. I knew that some pretty amazing stuff could theoretically be done but it is really fun to actually see it pursued. There should be a demo-scene for this stuff like there was back in the day of 64K-demos and no graphics cards...
Forum: OMG Ponies
5 years ago
holiman
Here is the official page on which the demo should run : http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden#tab=Challenge_5%3A_Graphical_Effects
Forum: OMG Ponies
5 years ago
holiman
October 21st is here and with it a new OWASP AppSec Research 2010 challenge. The winner gets free entrance to next year's AppSec conference in Stockholm. Last month we had "Who's Who in Security?" so it's time for a more technical task. JavaScript can be obfuscated as seen in Challenge 3 but you can also get really creative with the language. *This month's challenge is about writi
Forum: OMG Ponies
5 years ago
holiman
I am testing a server running php, but the php files are encrypted with zend. PHP uses the Zend autoloader to decrypt them at runtime. Can I decrypt them and view the source? I have full access to the machine.
Forum: SQL and Code Injection