Javascript page
Fravia's JavaScript page

SURPRISES INSIDE SURPRISES
(You probably did not know that you had these functions inside your browser)
by Fravia+
+cracker

(07 Dicember 1997)

Courtesy of Fravia's page of reverse engineering (of course :-)

Javascript tricks... netscape additions

SURPRISES INSIDE YOUR OWN BROWSER (surprises inside surprises)

Did you know that you already had all this inside Netscape? First of all: a little backhistory: there are some quite pathetical childs, roaming lamers, that have stolen my site "in exstenso" trying to "gnaw" some attention, just in order to spam usenet groups like alt.2600 (where no real veritable cracker in his right mind would even THINK to write anything important or significant). Purpose? Impress -for a week or two- the "me too" lamers. Anyway, I imagine that this goes together with fame, and I'm almost flattered :-) +Alistair is already stalking them in order to punish, yet I don't care much: see...there are three or four naïv "copycat" kids at the moment... some of them seriously working (stealing my pages :-), and they deserve gratitude! (Of course a quick DejaVue stalking would suffice to check all their chronological inconsistence :-) yet I'm quite flattered, and I just wanted to write -without doubled +HCU help- some quick "acrostical" signatures inside my files... you know, that kind of stuff that makes it impossible to fake any file without twisting so much of it loosing more time than it would take you to write the original one... or to reformulate it ex novo! So, anyway, I just wanted to prepare some CGI and "aol-deny" countermeasure in my site, for the future, using Javascript... and I realized suddendly that many of my readers may NOT know all the javascript TREASURES that we ALL can find inside our very browsers... so I decided to write this essay: SURPRISES INSIDE YOUR OWN BROWSER, which will interest, I believe, many Netscape users. Dear reader, if you did not already know about this, be prepared for a very original and interesting trip INSIDE your own browser! Navigator is full of tricks that are NOT explained inside its instructions. Try it out: first of all type inside Netscape the following... Hey! You MUST have version 3 of Netscape's Navigator, else forget it... Explorer wont probably work... anyway I could not care less about what for vagaries you'll experience if you use MSIExploder or if you have a later, empty, bugged and huge version of Netscape itself, or if you have earlier releases... just email me and tell me if the tricks below did work or not. I won't try them out myself on other browser versions... why should f r a v i a do something like that? I'm fed up with this continuous 'updating' of my software. OK: I'll tell you: I'm travelling around the Web with Netscape 3, which is stable and has been "panzered" by me against the most notorious tricks (which have in the mean time been discovered and countered)... why should I pass over to a huge bugged version of Netscape "4"? Because it's newer? So what? IGNITE MOCHA! So, first of all type inside Netscape's location window (URL) the following... mocha: Look! Nice isn't it? You get frames and an input window on the bottom... and anybody guesses what will you input inside this NEW "mocha typein" frame? My dear readers: ANYTHING... WHATEVER! Indeed you could for instance try to enter many of the following objects (or functions)... there is a fully working language inside your browser (that's one of the meany reasons it's so big) you could for instance try string objects, like indexOf(), split(), anchor(), bold() or strike()... "history" and "document" are well known, and arrays can easily be perfected in order to gain more control. Yet many of you -I know- still don't believe it... just try! In a minute you will understand (and crack, hopefully :-) New horizonts open, thinking at all the possibilities! :-) Go on! Just try typing the following inside your [mocha:] window Math.random() and then press [ENTER] go on and press [ENTER] once more and then press [ENTER] once more it's easy... you dig it? Any Javascript command will be IMMEDIATELY parsed, noted and executed... well... you may even write your own functions ! For instance: function sub20(num) {return num-20} and then press [ENTER] and then write in the mocha command window: sub20(120) and see what happens... you get it? Ha! good old f r a v i a resumes some old tricks! Let's go on: Here are some Javascript's functions... hey, since you have them already inside your browser (there is nothing about this kind of findings inside its documentation, of course) it's probably a good idea to use them!
The Math Object The Math object provides properties and methods for advanced mathematical calculations. Properties E The value of Euler's constant (roughly 2.718) used as the base for natural logarithms. LN10 The value of the natural logarithm of 10 (roughly 2.302). LN2 The value of the natural logarithm of 2 (roughly 0.693). PI The value of PI # used in calculating the circumference and area of circles (roughly 3.1415). SQRT1_2 The value of the square root of one-half (roughly 0.707). SQRT2 The value of the square root of two (roughly 1.414). Methods abs(number) Returns the absolute value of number. The absolute value is the value of a number with it's sign ignored so abs(4) and abs(-4) both return 4. acos(number) Returns the arc cosine of number in radians. asin(number) Returns the arc sine of number in radians. atan(number) Returns the arc tangent of number in radians. ceil(number) Returns the next integer greater than number # in other words, rounds up to the next integer. cos(number) Returns the cosine of number where number represents an angle in radians. exp(number) Returns the value of E to the power of number. floor(number) Returns the next integer less than number # in other words, rounds down to the nearest integer. log(number) Returns the natural logarithm of number. max(number1,number2) Returns the greater of number1 and number2. min(number1,number2) Returns the smaller of number1 and number2. pow(number1,number2) Returns the value of number1 to the power of number2. random() Returns a random number between zero and one (at press time, this method only was available on UNIX versions of Navigator 2.0). round(number Returns the closest integer to number # in other words rounds to the closest integer. sin(number) Returns the sine of number where number represents an angle in radians. sqrt(number) Returns the square root of number. tan(number) Returns the tangent of number where number represents an angle in radians. And that was only a listing for the math. object... study! Think for instance at what you could do with The navigator Object: The navigator object reflects information about the version of Navigator being used. Properties appCodeName A string value containing the code name of the client (for example, "Mozilla" for Netscape Navigator). appName A string value containing the name of the client (for example, "Netscape" for Netscape Navigator). appVersion A string value containing the version information for the client in the form versionNumber (platform; country) For instance, Navigator 2.0, beta 6 for Windows 95 (international version), would have an appVersion property with the value "2.0b6 (Win32; I)". userAgent A string containing the complete value of the user-agent header sent in the HTTP request. This contains all the information in appCodeName and appVersion: Mozilla/2.0b6 (Win32; I) And of course the most important object for us is "The password Object" The password object reflects a password text field from an HTML form in JavaScript. Properties defaultValue A string value containing the default value of the password element (that is, the value of the VALUE attribute). name A string value containing the name of the password element. value A string value containing the value of the password element. Methods focus() Emulates the action of focusing in the password field. blur() Emulates the action of removing focus from the password field. select() Emulates the action of selecting the text in the password field.

OK, and of course I will add a lot to this VERY IMPORTANT section, whose importance for stalking matters should not be underestimated

(c) Fravia+ All rights reversed
You are deep inside Fravia's page of reverse engineering, choose your way out:

Javascript page
Fravia's JavaScript page

redhomepage redlinks redanonymity +ORC redstudents' essays redacademy database
redtools redcocktails redantismut CGI-scripts redsearch_forms redmail_Fravia
redIs reverse engineering legal?