Author Topic: flockCode_filter - input filter for FF or Flock browser!  (Read 1443 times)


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32619
  • malware fighter
flockCode_filter - input filter for FF or Flock browser!
« on: April 26, 2007, 09:32:51 PM »
Hi malware fighters,

Malicious JavaScript is one of the main vectors of malware into the browser. Filtering your JavaScript code is a must. Save the following file as "flockCode_filter" or as "firefoxCode_filter", as a JS file inside the browser components folder. I'd like to hear your comments:
Code:
window.onload = init;

function init()
{
 var contentDiv = document.getElementById('content');
final String inputStr = request.getParameter("input");
  final String numericPattern = "^\\d+$";
  if (!inputStr.matches(numericPattern))
  {
        /* invalid input, do something with error*/
  }
  /* regular expression that
   * tests for the existence of malicious characters
   * and replaces them with a space. */
       
  final String filterPattern="[<>{}\\[\\];\\&]";
  final String filteredStr = inputStr.replaceAll(filterPattern, " ");
# to inline/filter external javascript files you'll need 'abs_uri'
     # my $jsxray = JavaScript::XRay->new(
     #     abs_uri => $abs_url_or_local_file_path
     # );

     # use switches to change filtering behavior
     # $jsxray->switches( only => 'onData' );

     # use inlining to inline/filter external javascript files
     # $jsxray->inline_methods( 'dir1', 'dir2', \&callback, 'HTTP_GET' );

     # filter page
     print $jsxray->filter($html_page);
anon => 1
  no_exec_count => 1
$jsxray->inline_methods( @methods );
$javascript_code = &$code_ref( $src_attr, $abs_uri );

  $jsxray->filter( $html );
type="text/jscript">
}

if ([<>{}\\[\\];\\&])
{
 alert('abs_uri');
}
else
{
 alert('$src_attr, $abs_uri');
}
unless ($useraddress =~ /^([-\@\w.]+)$/) {
print "Security error.\n";
exit (1);
}

Enjoy,

polonus
« Last Edit: April 26, 2007, 11:04:09 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
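
The two checks named in the post above (the digits-only pattern and the character filter that replaces `< > { } [ ] ; &` with a space), as an added JavaScript example that is not polonus's code; the function names and sample strings are constructed for illustration. It also shows that quote characters pass through the character filter unchanged, so HTML-encoding on output is included beside it for comparison.

```javascript
// Added example: names and sample inputs are hypothetical, not from the post.

// Allowlist from the post: the whole input must be digits.
const NUMERIC_PATTERN = /^\d+$/;
// Character filter from the post: < > { } [ ] ; & are replaced by a space.
const FILTER_PATTERN = /[<>{}\[\];&]/g;

function isNumeric(input) {
  return typeof input === "string" && NUMERIC_PATTERN.test(input);
}

function stripChars(input) {
  return String(input).replace(FILTER_PATTERN, " ");
}

// Output encoding for HTML text and quoted-attribute contexts.
// Unlike the character filter it keeps the data and also covers quotes.
const HTML_ENTITIES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

function encodeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Constructed sample inputs.
const SAMPLES = [
  "12345",                      // valid numeric field
  "123\n",                      // trailing newline: rejected by the allowlist
  "<script>alert(1)</script>",  // markup: neutralised by both approaches
  '" onmouseover="alert(1)',    // no filtered characters: filter leaves it as-is
  "Tom & Jerry <3",             // legitimate text: filter destroys it
];

function report(samples) {
  return samples.map((s) => ({
    input: s,
    numeric: isNumeric(s),
    stripped: stripChars(s),
    unchangedByFilter: stripChars(s) === s,
    encoded: encodeHtml(s),
  }));
}

console.table(report(SAMPLES));
```
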