0x22bb/hacktricks
1
2
Fork 0
mirror of https://github.com/carlospolop/hacktricks.git synced 2023-12-14 19:12:55 +01:00
Code Releases Activity

GitBook: [master] one page modified

Browse source
This commit is contained in:
CPol 2021-03-07 16:18:16 +00:00 committed by gitbook-bot
parent 0248940402
commit 49bd512ef6
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 90 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

91
pentesting-web/xss-cross-site-scripting/README.md
View file

@ -952,5 +952,94 @@ Find some [**tools for XSS here**](xss-tools.md)**.**
* Trick to download .map js files: [https://medium.com/@bitthebyte/javascript-for-bug-bounty-hunters-part-2-f82164917e7](https://medium.com/@bitthebyte/javascript-for-bug-bounty-hunters-part-2-f82164917e7)
## \*\*\*\*
## Other JS tricks
### Arrow functions
Arrow functions allow you to generate functions in a sigle line more easily \(if you understand them\)
```javascript
// Traditional
function (a){ return a + 1; }
// Arrow forms
a => a + 100;
a => {a + 100};
// Traditional
function (a, b){ return a + b + 1; }
// Arrow
(a, b) => a + b + 100;
// Tradictional no args
let a = 4;
let b = 2;
function (){ return a + b + 1; }
// Arrow
let a = 4;
let b = 2;
() => a + b + 1;
```
So, most of the previous functions are actually useless because we aren't saving them anywhere to save and call them. Example creating the `plusone` function:
```javascript
// Traductional
function plusone (a){ return a + 1; }
//Arrow
plusone = a => a + 100;
```
### Bind function
The bind function allow to create a **copy** of a **function modifying** the **`this`** object and the **parameters** given.
```javascript
//This will use the this object and print "Hello World"
var fn = function ( param1, param2 ) {
console.info( this, param1, param2 );
}
fn('Hello', 'World')
//This will still use the this object and print "Hello World"
var copyFn = fn.bind();
copyFn('Hello', 'World')
//This will use the "console" object as "this" object inside the function and print "fixingparam1 Hello"
var bindFn_change = fn.bind(console, "fixingparam1");
bindFn_change('Hello', 'World')
//This will still use the this object and print "fixingparam1 Hello"
var bindFn_thisnull = fn.bind(null, "fixingparam1");
bindFn_change('Hello', 'World')
//This will still use the this object and print "fixingparam1 Hello"
var bindFn_this = fn.bind(this, "fixingparam1");
bindFn_change('Hello', 'World')
```
{% hint style="info" %}
Note that using **`bind`** you can manipulate the **`this`** object that is going to be used when calling the function.
{% endhint %}
### Function code leak
If you can **access the object** of a function you can **get the code** of that function
```javascript
function afunc(){
return 1+1;
}
console.log(afunc.toString()); //This will print the code of the function
console.log(String(afunc)); //This will print the code of the function
console.log(this.afunc.toString()); //This will print the code of the function
console.log(global.afunc.toString()); //This will print the code of the function
```
In cases where the **function doesn't have any name**, you can still print the **function code** from within:
```javascript
(function (){ return arguments.callee.toString(); })()
```