Skip to content

Instantly share code, notes, and snippets.

@tommyh

tommyh/01_Readme.md

Last active February 4, 2018 12:48
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save tommyh/783b5bc62efe880ebd5cbd8eb6d83fd4 to your computer and use it in GitHub Desktop.
Save tommyh/783b5bc62efe880ebd5cbd8eb6d83fd4 to your computer and use it in GitHub Desktop.
Download ZIP
Find overriden native objects
Raw
01_Readme.md

The goal of this code is to find javascript native objects which have been overriden (by various script tags).

Usage

  1. Open Chrome Devtools
  2. Run the "create clean iframe" code
  3. Switch to the "foo" console js context
  4. Run the "find non-native functions" code
  5. It will output any matches it finds

Next Steps

The usability could be improved drastically:

  • Bookmarklet
  • No need for chrome dev tools
  • Output a nice reporting format
  • Remove duplicates

Code quality: The code was just smashed together until it worked, it could use a fair amount of clean up and refactoring.

Raw
02_clean_iframe.js
var iframe = document.createElement("iframe");
iframe.id = "foo";
iframe.name = "foo";
document.body.appendChild(iframe);
Raw
03_find_overriden_functions.js
(function(){
var getAllMethods = function(object) {
return Object.getOwnPropertyNames(object).filter(function(property) {
var isFunc = false;
try {
isFunc = typeof object[property] == 'function'
} catch(e){
isFunc = false;
}
return isFunc;
});
}
var allObjects = Object.getOwnPropertyNames(window);
var methods = [];
for(var i = 0; i < allObjects.length; i++){
var objStr = allObjects[i];
try {
var obj = eval(objStr);
} catch(e){
continue;
}
if(obj && objStr !== "parent" && objStr !== "top"){
var objMethods = getAllMethods(obj);
for(var j = 0; j < objMethods.length; j++){
methods.push({objStr: objStr, obj: obj, method: objMethods[j]});
}
}
}
for(var i = 0; i < allObjects.length; i++){
var objStr = allObjects[i] + ".prototype";
try {
var obj = eval(objStr);
} catch(e){
continue;
}
if(obj && objStr !== "parent" && objStr !== "top"){
var objMethods = getAllMethods(obj);
for(var j = 0; j < objMethods.length; j++){
methods.push({objStr: objStr, obj: obj, method: objMethods[j]});
}
}
}
for(var i = 0; i < methods.length; i++){
var method = methods[i];
var parentObj;
if(method.objStr.indexOf(".prototype") > 0){
try {
parentObj = window.parent[method.objStr.split(".prototype")[0]].prototype;
} catch(e){ debugger; }
} else {
parentObj = window.parent[method.objStr];
}
if(parentObj){
var parentObjMethod = parentObj[method.method];
if(parentObjMethod){
var parentObjMethodStr = parentObjMethod.toString();
if(parentObjMethodStr.indexOf("{ [native code] }") === -1){
console.log(method.objStr + "." + method.method + " =", parentObjMethodStr);
}
}
}
}
})();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment