|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
|
Posted: Sat Sep 16, 2017 3:33 pm Post subject: Need Chrome Extension Analyzed |
|
|
I was hoping that someone could take a look at this chrome extension to see if there is anything fishy about it (mostly js files). For example, see if it sends any data (e.g. urls, images, login credentials) to a remote server.
All this extension is supposed to do is download some images from an Amazon page automatically, for convenience, as opposed to doing each step manually.
You can download the files here:
http://www.mirrorcreator.com/files/KBSIB0ZL/extension_1_0_1.zip_links
Thanks.
|
|
Back to top |
|
|
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
|
Posted: Sat Sep 16, 2017 8:22 pm Post subject: |
|
|
Looks fine, just adds an event listener to Chromes download event and triggers for matching elements.
Code: | var main_image = $('.image.selected .imgTagWrapper img:first'); |
If a valid main image is found, it will tell Chrome to download it.
_________________
- Retired. |
|
Back to top |
|
|
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
|
Posted: Sat Sep 16, 2017 9:23 pm Post subject: |
|
|
Thanks for looking at this, atom0s. I will +rep you when I can.
One thing that stood out to me was this segment of code in the jquery.min.js file:
Code: | {try{return new XMLHttpRequest}catch(e){}};var dn=x.ajaxSettings.xhr(),gn={0:200,1223:204},mn=0,yn={};e.ActiveXObject&&x(e).on("unload",function(){for(var e in yn)yn[e]();yn=undefined}),x.support.cors=!!dn&&"withCredentials"in dn,x.support.ajax=dn=!!dn,x.ajaxTransport(function(e){var t;return x.support.cors||dn&&!e.crossDomain?{send:function(n,r){var i,o,s=e.xhr();if(s.open(e.type,e.url,e.async,e.username,e.password),e.xhrFields)for(i in e.xhrFields)s[i]=e.xhrFields[i];e.mimeType&&s.overrideMimeType&&s.overrideMimeType(e.mimeType),e.crossDomain||n["X-Requested-With"]||(n["X-Requested-With"]="XMLHttpRequest") |
It seems suspicious to me but that does not say much.
|
|
Back to top |
|
|
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
|
Posted: Sat Sep 16, 2017 10:06 pm Post subject: |
|
|
++METHOS wrote: | Thanks for looking at this, atom0s. I will +rep you when I can.
One thing that stood out to me was this segment of code in the jquery.min.js file:
Code: | {try{return new XMLHttpRequest}catch(e){}};var dn=x.ajaxSettings.xhr(),gn={0:200,1223:204},mn=0,yn={};e.ActiveXObject&&x(e).on("unload",function(){for(var e in yn)yn[e]();yn=undefined}),x.support.cors=!!dn&&"withCredentials"in dn,x.support.ajax=dn=!!dn,x.ajaxTransport(function(e){var t;return x.support.cors||dn&&!e.crossDomain?{send:function(n,r){var i,o,s=e.xhr();if(s.open(e.type,e.url,e.async,e.username,e.password),e.xhrFields)for(i in e.xhrFields)s[i]=e.xhrFields[i];e.mimeType&&s.overrideMimeType&&s.overrideMimeType(e.mimeType),e.crossDomain||n["X-Requested-With"]||(n["X-Requested-With"]="XMLHttpRequest") |
It seems suspicious to me but that does not say much. |
jQuery is a very commonly used library for web-based things. Most websites in existence today use it in some form or another. The specific chunk you showed is the minified version of:
https://github.com/jquery/jquery/blob/262acc6f1e0f71a3a8b786e3c421b2e645799ea0/src/ajax/xhr.js
It is used for cross-domain queries and such. Overall though, jQuery is a very well known, widely used and trusted JavaScript library. (And to be honest, jQuery is actually the reason JavaScript is where it is today in terms of how evolved and mature of a language it has become. jQuery shaped it and pushed it to its limits and brought it out of the death sentence it was being served years ago when it was shunned as a language. Now it's one of, if not, the most widely used programming language in the world.)
_________________
- Retired. |
|
Back to top |
|
|
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
|
Posted: Sun Sep 17, 2017 4:53 am Post subject: |
|
|
Very good. Thanks so much, atom0s, I really appreciate it.
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|