I've been making a lot more progress on viral functions over the course of the last couple of weeks. The big breakthrough has been rewriting a method to get access to calling functions, and figuring out a feature of the Chrome Dev tools that allows easy access to those functions.
Functions in javascript are either passed by reference or value. I'm honestly still trying to figure that out, because I was almost sure this code wouldn't work until it did.
Regardless, this is a big deal. I use arguments.callee.caller to get references to the functions that interact with my infected functions. If it didn't work, I'd have no way to infect other functions that called mine.
The other big thing that I alluded to earlier was learning that "use strict" will only ever apply to the current script. If this wasn't the case, I couldn't use arguments.callee.caller at all, because scripts that included "use script" would just throw errors as soon as I injected my code. But.... that's not the case with Chrome, and it remains a viable tactic.
No comments:
Post a Comment