JSProperties.ptxt bug - JJoe - Jul. 19, 2011 03:42 AM
http://forum.proxcn.info/viewtopic.php?f=3&t=394
Am I the only one seeing a Proxomitron syntax error dialog at http://fxtrade.oanda.com/analysis/forex-order-book ?
You may have to open the Proxomitron's main dialog to see the error dialog.
JSProperties.ptxt contains
Code:
## ||||||||||||||||||||||||||||||||| Exploits |||||||||||||||||||||||||||||||||
FileSystemObject& $SET(#=.NOFileSystemObject)
$SET(0=$TST(volat=*.log:[12]c.*)$ADDLST(Log-Rare,WEB JS_Prop\t.\3 \t\u)) &&\5
KeyFrame(^ [^(])& $SET(#=.NOKeyFrame)
$SET(0=$TST(volat=*.log:[12]c.*)$ADDLST(Log-Rare,WEB JS_Prop\t.\3 \t\u)) &&\5
callee \)+ .toString \( \)&& $SET(#=.NO)\#&
$SET(0=$TST(volat=*.log:[12]c.*)$ADDLST(Log-Rare,WEB JS_Prop\t.\3 \t\u)) &&\5
setCLSID(^$TST(keyword=*.a_jsmeth.*))& $SET(#=.NOsetCLSID)
$SET(0=$TST(volat=*.log:[12]c.*)$ADDLST(Log-Rare,WEB JS_Prop\t.\3 \t\u)) &&\5
CreateObject (^$TST(keyword=*.a_jsmeth.*))
$NEST(\(,(*\,)+{1} " ' ,\))&& $SET(#=.NO)\#&
$SET(0=$TST(volat=*.log:[12]c.*)$ADDLST(Log-Rare,WEB JS_Prop\t.\3 \t\u)) &&\5
fromCharCode \((^$TST(keyword=*.a_jsmeth.*))
(^ enkripsi)(($INEST(\(,\))|*)\)&& parseInt \( [a-z_][a-z0-9_]+.substr*
| [#0:*] \+ [#0:*]*|*(\^|\& (\(|255))*&& $SET(#=\(prxVoidV,)\#)&
$SET(0=$TST(volat=*.log:[12]c.*)$ADDLST(Log-Rare,WEB JS_Prop\t.\3 \t\u)) &&\5
The Match of "Block/Modify: Sel. JS Properties" and "<a>...: Block sel. JS Properties" contains "\3".
The Replace of "Block/Modify: Sel. JS Properties" and "<a>...: Block sel. JS Properties" contains "\0".
It looks like \3 may capture strings that cause problems when "$SET(0" executes $ADDLST.
For now, I'm changing \3 to $WESC(\3).
This will make the Log-Rare entries look ugly, however.
Code:
WEB JS_Prop .fromCharCode\(g.charCodeAt\(h\)^f\[\(f\[d\]\+f\[b\]\)%256\]\) http://fxtrade.oanda.com/wandacache/ob-06a465144feb1de7a4850186d2dc70902306fa21.js
Filters in question
Code:
[Patterns]
Name = "Block/Modify: Sel. JS Properties 07.04.02 [sd] (d.2)"
Active = TRUE
URL = "($TST(hCT=*html)|$TYPE(js)|$TYPE(vbs))(^$TST(keyword=*.(a_js|a_jsprop).*))"
Limit = 128
Match = ".$TST(script=[1s]*)($LST(JSProperties))\3((^[a-z.])|.(^php|asp|cgi|htm)[a-z])\2"
"&"
"$SET(eHits=$TST(\5=$TST(hCT=*html)*)$GET(eHits)"
"%3Cspan class=%22Pr0xFly-Span%22%3E$GET(mHead) JS Property:%3C/span%3E"
" $ESC(\3)%3Cbr class=%22Pr0xFly-Br%22 /%3E"
")"
"($TST(volat=*.log:2*)$ADDLST(Log-Main,[$DTM(d T)]\tWEB JS_Prop\t.\3 \t\u)|)"
Replace = "\@\2\0"
Name = "<a>...: Block sel. JS Properties 09.05.20 (multi) [sd] (d.1)"
Active = TRUE
Multi = TRUE
URL = "$TST(hCT=*html)(^$TST(keyword=*.(a_js|a_jsprop).*))"
Limit = 1024
Match = "$NEST(<a\s(^class\=\\+"+Pr0XFl),(*\s|)(on[a-z]+=|href="+ javascript:)*,>)"
"|$NEST(<body\s,(*\s|)on[a-z]+=*,>)"
"|$NEST(<img,*\son[a-z]+=*,>)"
"|$NEST(<base,*\son[a-z]+=*,>)"
""
"&(^$TST(script=*)|$TST(comment=1))<\1\s"
"&&("
""
"\#(.($LST(JSProperties))\3([^a-z.]|.[a-z])\#|on("
"(contextmenu|copy|cut|dragstart|paste|selectstart)\7=$AV(\6)"
"|(mousedown)\7=$AV( return \(+ false&\6)"
"|mouseover$SET(#=onmoueseover)"
"(="status=($AV(*)|(\&[a-z0-9#]+;|[^;])++);)\# return (\(|)true(\)|);+$SET(3=overstatus)"
") )"
"&&($TST(\6=*)$SET(3=\6)$SET(2=on\7)|(*\s((on[a-z]+)\2=|href="+ (javascript)\2:))+)"
"($TST(volat=*.log:2*)$ADDLST(Log-Main,[$DTM(d T)]\tWEB JS_Prop_\1 \t\2 \t\3 \t\u)|)*"
""
")+{1,*}\#"
Replace = "\0\@"
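The escaping workaround from the post above, as an added Python example that is not part of the thread or of any Proxomitron configuration: it escapes a captured string before it is stored and reverses the escaping so log entries stay readable. The escaped character set is an assumption inferred from the single Log-Rare entry quoted in this thread, and `wesc_like`, `unescape` and `parse_entry` are hypothetical names.

```python
import re

# Assumption: the characters to escape are inferred only from the escaped
# Log-Rare entry quoted in this thread; this is not Proxomitron's documented
# $WESC character set.
ESCAPED = set("()[]+")


def wesc_like(text):
    """Backslash-escape pattern metacharacters so the text is stored as a literal."""
    return "".join("\\" + c if c in ESCAPED else c for c in text)


def unescape(text):
    """Drop one backslash in front of any character (inverse of wesc_like).

    A capture that already contains a literal backslash would not round-trip.
    """
    return re.sub(r"\\(.)", r"\1", text)


def parse_entry(line):
    """Split 'WEB JS_Prop<TAB>.<capture> <TAB><url>' and unescape the capture."""
    tag, capture, url = line.rstrip("\n").split("\t")
    return {"tag": tag, "property": unescape(capture.rstrip()), "url": url}


# Constructed sample: the entry from the thread, with the tab separators that
# the filter writes (\t) restored.
RAW = ".fromCharCode(g.charCodeAt(h)^f[(f[d]+f[b])%256])"
URL = ("http://fxtrade.oanda.com/wandacache/"
       "ob-06a465144feb1de7a4850186d2dc70902306fa21.js")
LINE = "WEB JS_Prop\t" + wesc_like(RAW) + " \t" + URL

if __name__ == "__main__":
    print(LINE)               # escaped form, as stored in the list
    print(parse_entry(LINE))  # readable form for review
```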
RE: JSProperties.ptxt bug - whenever - Jul. 19, 2011 09:36 AM
(Jul. 19, 2011 03:42 AM)JJoe Wrote: Am I the only one seeing a Proxomitron syntax error dialog at http://fxtrade.oanda.com/analysis/forex-order-book ?
You may have to open the Proxomitron's main dialog to see the error dialog.
I didn't see that syntax error dialog with Proxomitron's main dialog opened.
It was caught in Log-Rare without causing any problems:
Code:
WEB JS_Prop .fromCharCode(g.charCodeAt(h)^f[(f[d]+f[b])%256]) http://fxtrade.oanda.com/wandacache/ob-06a465144feb1de7a4850186d2dc70902306fa21.js
. - zoltan - Jul. 21, 2011 05:25 AM
I also get the same Log-Rare entry with no error message.