Javascript page
Fravia's JavaScript page
SURPRISES INSIDE SURPRISES
(You probably did not know that you had these functions inside your browser)
by Fravia+
+cracker

(07 Dicember 1997)
Courtesy of Fravia's page of reverse engineering (of course :-)

Javascript tricks... netscape additions 
SURPRISES INSIDE YOUR OWN BROWSER 

(surprises inside surprises)





Did you know that you already had all this inside Netscape?

First of all: a little backhistory: there are some quite pathetical childs, 

roaming lamers, that have stolen my site "in exstenso" trying to "gnaw" some 

attention, just in order to spam usenet groups like alt.2600 (where no real 

veritable cracker in his right mind would even THINK to write anything 

important or significant). Purpose? Impress -for a week or two- the "me too" lamers.

Anyway, I imagine that this goes together with fame, and I'm almost flattered :-)

+Alistair is already stalking them in order to punish, yet I don't care much: 

 see...there are three or four naïv "copycat" kids at the moment... some of them  

seriously working (stealing my pages :-), and they deserve gratitude! (Of course  

a quick DejaVue stalking would suffice to check all their chronological 

inconsistence :-) yet I'm quite flattered, and I just wanted to write -without 

doubled +HCU help- some quick "acrostical" signatures inside my files... you

 know, that kind of stuff that makes it impossible to fake any file without 

twisting so much of it loosing more time than it would take you to write the 

original one... or to reformulate it ex novo!

 So, anyway, I just wanted to prepare some CGI and "aol-deny" countermeasure 

in my site, for the future, using Javascript... and I realized suddendly that 

many of my readers may NOT know all the javascript TREASURES that we ALL can

find inside our very browsers... so I decided to write this essay: SURPRISES 

 INSIDE YOUR OWN BROWSER, which will interest, I believe, many Netscape users.

Dear reader, if you did not already know about this, be prepared for a very 

original and interesting trip INSIDE your own browser!

Navigator is full of tricks that are NOT explained inside its instructions. 

Try it out: first of all type inside Netscape the following... Hey! You MUST 

 have version 3 of Netscape's Navigator, else forget it... 

Explorer wont probably work... anyway I could not care less about what for  

vagaries you'll experience if you use MSIExploder or if you have a later,  

empty, bugged and huge version of Netscape itself, or if you have earlier 

releases... just email me and tell me if the tricks below did work or not. 

 I won't try them out myself on other browser versions... why should f r a v i a 

do something like that? I'm fed up with this continuous 'updating' of my software. 

OK: I'll tell you: I'm travelling around the Web with Netscape 3, which is stable 

 and has been "panzered" by me against the most notorious tricks (which have in 

the mean time been discovered and countered)... why should I pass over to a  

huge bugged version of Netscape "4"? Because it's newer? So what?

IGNITE MOCHA!

So, first of all type inside Netscape's location window (URL) the following...

 mocha:

Look! Nice isn't it? You get frames and an input window on the bottom... and 

anybody guesses what will you input inside this NEW "mocha typein" frame?

My dear readers: ANYTHING... WHATEVER! Indeed you could for instance try to 

enter many of the following objects (or functions)... there is a fully working 

 language inside your browser (that's one of the meany reasons it's so big) you

could for instance try string objects, like indexOf(), split(), anchor(), bold() 

or strike()... "history" and "document" are well known, and arrays can easily be 

perfected in order to gain more control.

Yet many of you -I know- still don't believe it... just try!

In a minute you will understand (and crack, hopefully :-)

New horizonts open, thinking at all the possibilities! :-)

Go on! Just try typing the following inside your [mocha:] window

 Math.random()

and then press [ENTER]

go on and press [ENTER] once more 

and then press [ENTER] once more 

it's easy... you dig it? Any Javascript command will be IMMEDIATELY parsed, 

noted and executed... well... you may even write your own functions

!

 For instance:

 function sub20(num) {return num-20}

 and then press [ENTER]

 and then write in the mocha command window:

 sub20(120)

 and see what happens... you get it? 



 Ha! good old f r a v i a  resumes some old tricks!

 Let's go on:

 Here are some Javascript's functions... hey, since you have them already 

 inside your browser (there is nothing about this kind of findings inside 

 its documentation, of course) it's probably a good idea to use them! 




The Math Object 



The Math object provides properties and methods for advanced mathematical calculations. 



                                            Properties 

 E          The value of Euler's constant (roughly 2.718) used as the base 

            for natural logarithms.

 LN10       The value of the natural logarithm of 10 (roughly 2.302).

 LN2        The value of the natural logarithm of 2 (roughly 0.693).

 PI         The value of PI # used in calculating the circumference and area 

            of circles (roughly 3.1415).

 SQRT1_2    The value of the square root of one-half (roughly 0.707).

 SQRT2      The value of the square root of two (roughly 1.414).



                                            Methods 



 abs(number)     Returns the absolute value of number. The absolute value is the 

                 value of a number with it's sign ignored so abs(4) and abs(-4) 

                 both return 4.

 acos(number)    Returns the arc cosine of number in radians.

 asin(number)    Returns the arc sine of number in radians.

 atan(number)    Returns the arc tangent of number in radians.

 ceil(number)    Returns the next integer greater than number # in other words, 

                 rounds up to the next integer.

 cos(number)     Returns the cosine of number where number represents an angle in radians.

 exp(number)     Returns the value of E to the power of number.

 floor(number)   Returns the next integer less than number # in other words, rounds down 

                 to the nearest integer.

 log(number)     Returns the natural logarithm of number.

 max(number1,number2)        Returns the greater of number1 and number2.

 min(number1,number2)        Returns the smaller of number1 and number2.

 pow(number1,number2)        Returns the value of number1 to the power of number2.

 random()       Returns a random number between zero and one (at press time, 

                this method only was available on UNIX versions of Navigator 2.0).

 round(number   Returns the closest integer to number # in other words rounds to the 

                closest integer.

 sin(number)    Returns the sine of number where number represents an angle in radians.

 sqrt(number)   Returns the square root of number.

 tan(number)    Returns the tangent of number where number represents an angle in radians.





 And that was only a listing for the math. object... study!

 Think for instance at what you could do with The navigator Object: 



 The navigator object reflects information about the version of Navigator being used. 

 Properties 

 appCodeName  A string value containing the code name of the client (for example, "Mozilla" 

              for Netscape Navigator).

 appName      A string value containing the name of the client (for example, "Netscape" 

              for Netscape Navigator).

 appVersion   A string value containing the version information for the client in the form

              versionNumber (platform; country)

              For instance, Navigator 2.0, beta 6 for Windows 95 (international version), 

              would have an appVersion property with the value "2.0b6 (Win32; I)".

 userAgent    A string containing the complete value of the user-agent header sent in 

              the HTTP request. This contains all the information in appCodeName and 

              appVersion: Mozilla/2.0b6 (Win32; I)



 And of course the most important object for us is "The password Object" 



 The password object reflects a password text field from an HTML form in JavaScript. 

 Properties 

 defaultValue   A string value containing the default value of the password element 

                (that is, the value of the VALUE attribute).

 name           A string value containing the name of the password element.

 value          A string value containing the value of the password element.

                                           Methods 

 focus()        Emulates the action of focusing in the password field.

 blur()         Emulates the action of removing focus from the password field.

 select()       Emulates the action of selecting the text in the password field.
OK, and of course I will add a lot to this VERY IMPORTANT section, whose importance for stalking matters should not be underestimated
(c) Fravia+ All rights reversed
You are deep inside Fravia's page of reverse engineering, choose your way out:

Javascript page
Fravia's JavaScript page
redhomepage redlinks redanonymity +ORC redstudents' essays redacademy database
redtools redcocktails redantismut CGI-scripts redsearch_forms redmail_Fravia
redIs reverse engineering legal?