Jump to content

Anyone want to help me understand some code?


Chris Gerling

Recommended Posts

I have a good grasp on reading most code, just curious if anyone feels like breaking down exactly what this is doing?

ction.getSelectedElement()||dojo.html.selection.getParentElement();
while(node){
if(dojo.html.selection.isTag(node,arguments).length>0){
return node;
}
node=node.parentNode;
}
return null;
},isTag:function(node,tags){
if(node&&node.tagName){
for(var i=0;i<tags.length;i++){
if(node.tagName.toLowerCase()==String(tags[i]).toLowerCase()){
return String(tags[i]).toLowerCase();
}
}
}
return "";
},selectElement:function(_25b){
var _25c=dojo.global();
var _25d=dojo.doc();
_25b=dojo.byId(_25b);
if(_25d.selection&&dojo.body().createTextRange){
try{
var _25e=dojo.body().createControlRange();
_25e.addElement(_25b);
_25e.select();
}
catch(e){
dojo.html.selection.selectElementChildren(_25b);
}
}else{
if(_25c["getSelection"]){
var _25f=_25c.getSelection();
if(_25f["removeAllRanges"]){
var _25e=_25d.createRange();
_25e.selectNode(_25b);
_25f.removeAllRanges();
_25f.addRange(_25e);
}
}
}
},selectElementChildren:function(_260){
var _261=dojo.global();
var _262=dojo.doc();
_260=dojo.byId(_260);
if(_262.selection&&dojo.body().createTextRange){
var _263=dojo.body().createTextRange();
_263.moveToElementText(_260);
_263.select();
}else{
if(_261["getSelection"]){
var _264=_261.getSelection();
if(_264["setBaseAndExtent"]){
_264.setBaseAndExtent(_260,0,_260,_260.innerText.length-1);
}else{
if(_264["selectAllChildren"]){
_264.selectAllChildren(_260);
}
}
}
}
},getBookmark:

Link to comment
Share on other sites

Was this running in frames by any chance. It looks like it is following pages in a frame and copying/posting them back to the parent frame as bookmarking the sites visited. I assume this is not all of the code, but only a piece of it?

I know opera has a tool for breaking down pages into a tree format of the layout. I can't explaing it exactly, but you can take a look here: http://dev.opera.com/tools/

Scroll down and it talks about NODES a bit more.

Link to comment
Share on other sites

Yes this is just a small piece.

Does it look malicious?  Or is it just a bookmarking function?

Not sure, but it looks like it is scanning each pages text/source of the page. It may even be grabbing posted text, like passwords and such, but I am not that good with scripting. Someone on here will probably know, but you might want to post more of the code so they can verify its intensions. Just don't give it all away in the event that it is malicious, you don't want to spread some viral code to a bunch of script kiddies. I leave that up to you though...

It may be possible they are using some xss attack. I know you can use scripts to change elements on a page, so you can probably redirect it using these code you posted above.

Take a look at this: http://www.sauter-online.de/dojo/tests/tes..._selection.html

It uses dojo.html selection to allow a user to control aspects of the page like selecting a paragraph of text.

Link to comment
Share on other sites

Yeah. This looks to me like just a chunk of a class declaration from the Dojo Toolkit itself.

If there's any malicious code around, it will probably reside in an external file that calls upon these functions.

Link to comment
Share on other sites

I have a good grasp on reading most code, just curious if anyone feels like breaking down exactly what this is doing?

ction.getSelectedElement()||dojo.html.selection.getParentElement();
while(node){
if(dojo.html.selection.isTag(node,arguments).length>0){
return node;
}
node=node.parentNode;
}
return null;
},isTag:function(node,tags){
if(node&&node.tagName){
for(var i=0;i<tags.length;i++){
if(node.tagName.toLowerCase()==String(tags[i]).toLowerCase()){
return String(tags[i]).toLowerCase();
}
}
}
return "";
},selectElement:function(_25b){
var _25c=dojo.global();
var _25d=dojo.doc();
_25b=dojo.byId(_25b);
if(_25d.selection&&dojo.body().createTextRange){
try{
var _25e=dojo.body().createControlRange();
_25e.addElement(_25b);
_25e.select();
}
catch(e){
dojo.html.selection.selectElementChildren(_25b);
}
}else{
if(_25c["getSelection"]){
var _25f=_25c.getSelection();
if(_25f["removeAllRanges"]){
var _25e=_25d.createRange();
_25e.selectNode(_25b);
_25f.removeAllRanges();
_25f.addRange(_25e);
}
}
}
},selectElementChildren:function(_260){
var _261=dojo.global();
var _262=dojo.doc();
_260=dojo.byId(_260);
if(_262.selection&&dojo.body().createTextRange){
var _263=dojo.body().createTextRange();
_263.moveToElementText(_260);
_263.select();
}else{
if(_261["getSelection"]){
var _264=_261.getSelection();
if(_264["setBaseAndExtent"]){
_264.setBaseAndExtent(_260,0,_260,_260.innerText.length-1);
}else{
if(_264["selectAllChildren"]){
_264.selectAllChildren(_260);
}
}
}
}
},getBookmark:

This is not malicious, http://manual.dojotoolkit.org/dojo.html#api-reference

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...