
Fravia's JavaScript page
SURPRISES INSIDE SURPRISES
(You probably did not know that you had these functions inside your browser)
by Fravia+
(07 Dicember 1997)
Courtesy of Fravia's page
of reverse engineering (of course :-)
Javascript tricks... netscape additions
SURPRISES INSIDE YOUR OWN BROWSER
(surprises inside surprises)
Did you know that you already had all this inside Netscape?
First of all: a little backhistory: there are some quite pathetical childs,
roaming lamers, that have stolen my site "in exstenso" trying to "gnaw" some
attention, just in order to spam usenet groups like alt.2600 (where no real
veritable cracker in his right mind would even THINK to write anything
important or significant). Purpose? Impress -for a week or two- the "me too" lamers.
Anyway, I imagine that this goes together with fame, and I'm almost flattered :-)
+Alistair is already stalking them in order to punish, yet I don't care much:
see...there are three or four naïv "copycat" kids at the moment... some of them
seriously working (stealing my pages :-), and they deserve gratitude! (Of course
a quick DejaVue stalking would suffice to check all their chronological
inconsistence :-) yet I'm quite flattered, and I just wanted to write -without
doubled +HCU help- some quick "acrostical" signatures inside my files... you
know, that kind of stuff that makes it impossible to fake any file without
twisting so much of it loosing more time than it would take you to write the
original one... or to reformulate it ex novo!
So, anyway, I just wanted to prepare some CGI and "aol-deny" countermeasure
in my site, for the future, using Javascript... and I realized suddendly that
many of my readers may NOT know all the javascript TREASURES that we ALL can
find inside our very browsers... so I decided to write this essay: SURPRISES
INSIDE YOUR OWN BROWSER, which will interest, I believe, many Netscape users.
Dear reader, if you did not already know about this, be prepared for a very
original and interesting trip INSIDE your own browser!
Navigator is full of tricks that are NOT explained inside its instructions.
Try it out: first of all type inside Netscape the following... Hey! You MUST
have version 3 of Netscape's Navigator, else forget it...
Explorer wont probably work... anyway I could not care less about what for
vagaries you'll experience if you use MSIExploder or if you have a later,
empty, bugged and huge version of Netscape itself, or if you have earlier
releases... just email me and tell me if the tricks below did work or not.
I won't try them out myself on other browser versions... why should f r a v i a
do something like that? I'm fed up with this continuous 'updating' of my software.
OK: I'll tell you: I'm travelling around the Web with Netscape 3, which is stable
and has been "panzered" by me against the most notorious tricks (which have in
the mean time been discovered and countered)... why should I pass over to a
huge bugged version of Netscape "4"? Because it's newer? So what?
IGNITE MOCHA!
So, first of all type inside Netscape's location window (URL) the following...
mocha:
Look! Nice isn't it? You get frames and an input window on the bottom... and
anybody guesses what will you input inside this NEW "mocha typein" frame?
My dear readers: ANYTHING... WHATEVER! Indeed you could for instance try to
enter many of the following objects (or functions)... there is a fully working
language inside your browser (that's one of the meany reasons it's so big) you
could for instance try string objects, like indexOf(), split(), anchor(), bold()
or strike()... "history" and "document" are well known, and arrays can easily be
perfected in order to gain more control.
Yet many of you -I know- still don't believe it... just try!
In a minute you will understand (and crack, hopefully :-)
New horizonts open, thinking at all the possibilities! :-)
Go on! Just try typing the following inside your [mocha:] window
Math.random()
and then press [ENTER]
go on and press [ENTER] once more
and then press [ENTER] once more
it's easy... you dig it? Any Javascript command will be IMMEDIATELY parsed,
noted and executed... well... you may even write your own functions
!
For instance:
function sub20(num) {return num-20}
and then press [ENTER]
and then write in the mocha command window:
sub20(120)
and see what happens... you get it?
Ha! good old f r a v i a resumes some old tricks!
Let's go on:
Here are some Javascript's functions... hey, since you have them already
inside your browser (there is nothing about this kind of findings inside
its documentation, of course) it's probably a good idea to use them!
The Math Object
The Math object provides properties and methods for advanced mathematical calculations.
Properties
E The value of Euler's constant (roughly 2.718) used as the base
for natural logarithms.
LN10 The value of the natural logarithm of 10 (roughly 2.302).
LN2 The value of the natural logarithm of 2 (roughly 0.693).
PI The value of PI # used in calculating the circumference and area
of circles (roughly 3.1415).
SQRT1_2 The value of the square root of one-half (roughly 0.707).
SQRT2 The value of the square root of two (roughly 1.414).
Methods
abs(number) Returns the absolute value of number. The absolute value is the
value of a number with it's sign ignored so abs(4) and abs(-4)
both return 4.
acos(number) Returns the arc cosine of number in radians.
asin(number) Returns the arc sine of number in radians.
atan(number) Returns the arc tangent of number in radians.
ceil(number) Returns the next integer greater than number # in other words,
rounds up to the next integer.
cos(number) Returns the cosine of number where number represents an angle in radians.
exp(number) Returns the value of E to the power of number.
floor(number) Returns the next integer less than number # in other words, rounds down
to the nearest integer.
log(number) Returns the natural logarithm of number.
max(number1,number2) Returns the greater of number1 and number2.
min(number1,number2) Returns the smaller of number1 and number2.
pow(number1,number2) Returns the value of number1 to the power of number2.
random() Returns a random number between zero and one (at press time,
this method only was available on UNIX versions of Navigator 2.0).
round(number Returns the closest integer to number # in other words rounds to the
closest integer.
sin(number) Returns the sine of number where number represents an angle in radians.
sqrt(number) Returns the square root of number.
tan(number) Returns the tangent of number where number represents an angle in radians.
And that was only a listing for the math. object... study!
Think for instance at what you could do with The navigator Object:
The navigator object reflects information about the version of Navigator being used.
Properties
appCodeName A string value containing the code name of the client (for example, "Mozilla"
for Netscape Navigator).
appName A string value containing the name of the client (for example, "Netscape"
for Netscape Navigator).
appVersion A string value containing the version information for the client in the form
versionNumber (platform; country)
For instance, Navigator 2.0, beta 6 for Windows 95 (international version),
would have an appVersion property with the value "2.0b6 (Win32; I)".
userAgent A string containing the complete value of the user-agent header sent in
the HTTP request. This contains all the information in appCodeName and
appVersion: Mozilla/2.0b6 (Win32; I)
And of course the most important object for us is "The password Object"
The password object reflects a password text field from an HTML form in JavaScript.
Properties
defaultValue A string value containing the default value of the password element
(that is, the value of the VALUE attribute).
name A string value containing the name of the password element.
value A string value containing the value of the password element.
Methods
focus() Emulates the action of focusing in the password field.
blur() Emulates the action of removing focus from the password field.
select() Emulates the action of selecting the text in the password field.
OK, and of course I will add a lot to this VERY IMPORTANT section, whose importance for
stalking matters should not be underestimated
(c) Fravia+ All rights reversed
You are deep inside Fravia's page of reverse engineering,
choose your way out:

Fravia's JavaScript page
homepage
links
anonymity
+ORC
students' essays
academy database
tools
cocktails
antismut CGI-scripts
search_forms
mail_Fravia
Is reverse engineering legal?