Easy Brute-Force Web Password Cracking with HTML Applications

Posted 2008-06-17 in JavaScript by Johann.

Here’s something I did a year ago to help a friend who had forgotten a password.

I wrote an HTML Application (HTA) that would brute-force crack the login form on a website. This particular website used a four-digit number as a password.

HTML Applications

HTML Applications are a long-forgotten (?) technology introduced with Microsoft Internet Explorer 5 on Windows. An HTML Application is a web page whose code runs without security restrictions and can, for example, use all ActiveX controls available on the system. Of course, the same origin policy is disabled, too.

Automating web pages

Since the same origin policy that would prohibit cross-domain communication is disabled, my crack tried out all number combinations by filling out the login form and submitting it until a certain text was not present on the page.
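Seen from the defending side, a four-digit password leaves only 10,000 candidates, so a login form like this one has to limit failed attempts per account. The following is an added example, not code from the original post; `createLoginGuard`, `simulateSequentialGuessing`, the account name, the secret and all thresholds are constructed assumptions.

```javascript
// Added example: per-account failed-login limiter. Names and thresholds are
// illustrative assumptions, not taken from the site discussed in the post.
function createLoginGuard({ maxFailures = 5, lockMs = 15 * 60 * 1000 } = {}) {
  const state = new Map(); // account -> { failures, lockedUntil }

  // verify: callback running the site's real credential check; it is only
  // called while the account is not locked. now: injectable clock (ms).
  return function attempt(account, verify, now = Date.now()) {
    const s = state.get(account) || { failures: 0, lockedUntil: 0 };
    if (now < s.lockedUntil) return 'locked';
    if (verify()) {
      state.delete(account);
      return 'ok';
    }
    s.failures += 1;
    if (s.failures >= maxFailures) { // threshold reached: start a lock window
      s.failures = 0;
      s.lockedUntil = now + lockMs;
    }
    state.set(account, s);
    return 'denied';
  };
}

// Constructed scenario: an automated client submits 0000..9999 in order,
// one request every stepMs, against a made-up four-digit secret.
function simulateSequentialGuessing(secret, guard, stepMs) {
  let now = 0;
  let evaluated = 0; // guesses the server actually checked
  for (let i = 0; i < 10000; i++, now += stepMs) {
    const guess = String(i).padStart(4, '0');
    const result = guard('alice', () => guess === secret, now);
    if (result !== 'locked') evaluated++;
    if (result === 'ok') return { found: true, evaluated, elapsedMs: now };
  }
  return { found: false, evaluated, elapsedMs: now };
}

// Same request stream, without and with the limiter.
const unlimited = createLoginGuard({ maxFailures: Infinity });
const limited = createLoginGuard({ maxFailures: 5, lockMs: 15 * 60 * 1000 });
console.log(simulateSequentialGuessing('7351', unlimited, 100));
console.log(simulateSequentialGuessing('7351', limited, 100));
```

Per-account lockout lets anyone lock a known account, so it is usually combined with per-client throttling or a progressive delay.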

Example Code

Download a demo HTML application.

It should work on Microsoft Windows in Internet Explorer 5 and greater. And no, despite the name, it does not do anything nasty.

If you look into the source, you’ll notice that there is not much of it. All I do is

  1. load a web page in an IFrame,
  2. bind a JavaScript event handler to the onload event and
  3. access the DOM of the remote web page to submit a form or to look at the innerHTML property.

Bonus information

I thought that HTML Applications would make for a very interesting concept for content scrapers. If you would like to find out whether your website is framed in an HTML application, you can access the document.body.clientWidth property. If your web page is contained in an HTML Application, this property is 0.

6 quick jQuery tips: Text manipulation, timers and elements

Posted 2008-02-26 in JavaScript by Johann.

This is the first of several jQuery snippet collections.

Remove a word with jQuery

The simple way – using regular expressions:

var el = $('#id');
el.html(el.html().replace(/word/ig, ""));

jQuery timer callback functions

Want to call a method after a certain timeout?

window.setTimeout(function() {
 $('#id').empty();
}, 1000);

If you want to call a task periodically, use the Timer plugin for jQuery.

Verify that an element exists in jQuery

Simply test the .length property. Bonus information: This is used in inc.

if ($('#id').length) {
 // do stuff
}

jQuery not working in IE 5.0 or 5.5?

jQuery does not support older Internet Explorer versions. To make sure your users do not see JavaScript errors, edit your jquery.js file as follows:

// Put this before the original jQuery code
if (!(window.showModelessDialog && !document.implementation)) {
 (function() {

// Original jQuery code goes here

// Put this after the jQuery code
 })();
}

How to use a plugin with jQuery?

jQuery plugins are included on the page after the main jquery.js file:

<script type="text/javascript" src="jquery-1.1.4.js"></script>
<script type="text/javascript" src="jquery.roflcopter-1.0.js"></script>
<script type="text/javascript" src="jquery.lolcode-2.4.js"></script>

This is the beginner’s version. The advanced version is copying all your JavaScript files into a single file and then compressing it with YUI and /packer/.

Dynamically adding <div> elements with jQuery

…or any other element of course.

$('<div>hello<\/div>').appendTo(document.body);
