Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] Yahoo Messenger Source Code Released: I.M Window Code

from [n3td3v] Network Security [Permanent Link]
Subject: [Full-disclosure] Yahoo Messenger Source Code Released: I.M Window Code
Date: Sun, 30 Apr 2006 00:34:47 +0100 
$Handler("HandleFSCommand",arguments[0],arguments[1])
$Handler("HandleFSCommand",arguments[0],arguments[1])
$Handler("HandleFSCommand",arguments[0],arguments[1])
$Handler("HandleFSCommand",arguments[0],arguments[1])
$Handler("HandleFSCommand",arguments[0],arguments[1]) length) { return
text.substring(0,length) + '...'; } return text; } function
PadLeft(text, length, padChar) { while (text.length ').join(">");
g_debugWindow.document.write(n.getHours() + ":" + n.getMinutes() + ":"
+ n.getSeconds() + "." + PadLeft(n.getMilliseconds(),3,"0") + "   :  "
+ text + "
40) { searchTextTruncated = searchTextTruncated.substring(0,40) +
'...'; } html='Loading content...
Search for '+searchTextTruncated+''; searchShow.hurryUp = true; } }
else { // are we late? if (searchShow.hurryUp) { // barely
searchShow.hurryUp = false; } else { if (!searchShow.noWait) {
searchShow.htmlWaiting = html; searchShow.bgColor = backgroundColor;
return; } } } clearTimeout(searchTimer); // html massaging //html =
html.split("document.write('hi')") doesn't work well. html =
html.split(""+ 'body { background:' + backgroundColor + ';border:1px
solid #555;border-color:' + borderColor +
';padding:0px;margin:2px;font-size:8pt;font-family:tahoma;
overflow:hidden; white-space: nowrap}'+ 'td { font-size:8pt;
font-family:tahoma; vertical-align:top;white-space: wrap}'+ 'p,div
{margin:0px; padding:0px;white-space:wrap;clear:left;
white-space:wrap}'+ '.ystcontrol { float:right; right:0px;}'+
""+html+"= 5.5) { searchTooltip= window.createPopup(); } var
searchTimer = 0; var savedSearchText = ''; function handleSelection()
{ if (document.selection.type == "Text") { var range =
document.selection.createRange(); var text = range.text; if (text!='')
{ var rs = range.getClientRects(); var r = rs[rs.length-1]; if (!r)
return; var top = r.top; var right = r.right; if
((text==handleSelection.gText)&&(top==handleSelection.gTop)&&(right==handleSelection.gRight))
return; clearTimeout(handleSelection.selectTimer); var
clicky=Id("$clicky"); clicky.style.display='none'; if
((text!='')&&!handleSelection.down) { handleSelection.gText= text;
handleSelection.gTop = top; handleSelection.gRight = right;
handleSelection.data = [ text, r.left, r.bottom+3, r.bottom-r.top ];
return; } } return; } if (handleSelection.gText!='') {
handleSelection.gText=''; hideSelector(); } } // check if we're
mousing over or out of a selected area function checkSelector(x,y) {
if (!g_livewordsEnabled) return; if (document.selection.type !=
"Text") return; var range = document.selection.createRange(); var text
= range.text; x-=range.boundingLeft; y-=range.boundingTop; if
(xrange.boundingWidth || yrange.boundingHeight) { if
(checkSelector.over) { if (g_bypassClicky) { savedSearchText = '';
clearTimeout(searchTimer); searchTimer =
setTimeout("searchTooltip.hide();searchShow.visible=false;", 500); }
else { clearTimeout(handleSelection.selectTimer);
handleSelection.selectTimer = setTimeout(hideSelector, 500); }
checkSelector.over = false; } return; } // we should be going line by
line. add me. XXX var rs = range.getClientRects(); var r =
rs[rs.length-1]; if (!r) return; var clicky = Id("$clicky"); var d =
clicky.style.display; clicky.style.display=''; clicky.style.top =
r.bottom - clicky.offsetHeight; clicky.style.left = r.right;
clicky.style.display=d; clearTimeout(handleSelection.selectTimer);
handleSelection.data = [ text, r.left, r.bottom+3, r.bottom-r.top ];
if (g_bypassClicky) { if (!searchTooltip.isOpen) selectOver(500); }
else { handleSelection.selectTimer =
setTimeout("Id('$clicky').style.display=''", 300); }
checkSelector.over = true; } function hideSelector() {
clearTimeout(handleSelection.selectTimer); var clicky=Id("$clicky");
clicky.style.display='none'; handleSelection.gText=''; } function
$ShowAdditionalFiles(afimageid, afid) { var varAdditionalFileList =
document.getElementById(afid); var varafImage =
document.getElementById(afimageid); if (varAdditionalFileList &&
varafImage) { if (varAdditionalFileList.style.display == "none") {
varAdditionalFileList.style.display = "inline"; varafImage.src =
varafImage.expandedImage; } else { varAdditionalFileList.style.display
= "none"; varafImage.src = varafImage.collapsedImage; } } } function
$UpdateShowHideDescr(descr) { var shd =
document.getElementById('show_hide_descr'); if (shd) { shd.innerHTML =
descr; } } function $UpdateProgressBarDescription(pmdid, pm,
newDescription) { var varProgressDescription =
document.getElementById(pmdid); if (varProgressDescription) {
varProgressDescription.innerHTML = newDescription;
$UpdateProgressBar(pm, 0);
setTimeout("$doAutoscroll=$UpdateAutoScroll(); Scroll()",1); } }
function $UpdateProgressBar(pmid, nPercent) { var r; var barPx; var
percent; var varProgressBar; var varLeft; var varLeftText; var
varRightText; varProgressBar = document.getElementById(pmid); varLeft
= document.getElementById(pmid + 'Left'); varLeftText =
document.getElementById(pmid + 'LeftText'); varRightText =
document.getElementById(pmid + 'RightText'); r = nPercent / 100; r = r
1 ? 1 : r); barPx = Math.floor(r*160); percent = Math.floor(r*100);
varRightText.innerHTML = percent + "%"; if( barPx == 0) {
varLeft.style.visibility="hidden"; varProgressBar.leftHidden = 'true';
} else { varLeft.style.width = barPx; varLeftText.innerHTML =
varRightText.innerHTML; if( varProgressBar.leftHidden == 'true') {
varLeft.style.visibility="visible"; varProgressBar.leftHidden='false';
} } varProgressBar.currentValue = nPercent; } function
AppendInput(s){$Invoke(23,s)}; function GetInput(m){$Invoke(25,m)};
function SetInput(s){$Invoke(26,s)}; function
ReplaceInputSelection(s){$Invoke(27,s)}; function Id(n){ return
document.all[n] }; function InsertHTML(t,o,p){ if(typeof
o=="undefined") o=document.body; if(typeof o=="string") o=Id(o);
if(typeof p=="undefined") p="BeforeEnd"; o.insertAdjacentHTML(p,t); }
function RemoveHTML(o){ if(typeof o=="string") o=Id(o);
o.outerHTML=""; } function InsertInline(t){
$doAutoScroll=$UpdateAutoScroll(); if(Id("$in"))
InsertHTML(t,"$in","BeforeBegin"); else InsertHTML(t,$imbody);
Scroll(); } function Clear() { if(Id("$in")) { $imbody.innerHTML="



"; } else { $imbody.innerHTML=""; } } function GetCustomData(k){
$Invoke(33,k) }; function SetCustomData(k,v){ $Invoke(32, k+"="+v) };
function GetExternalData(u){ $Invoke(21,u) }; function
SetLocalData(t){ $Invoke(20,Marshal(t)) }; function Marshal(o){ if
((typeof o=='undefined')||(o==null)) return 'null'; switch
(o.constructor){ case Number: case Boolean: return o.toString(); case
Function: return 'null'; case String: return
'\"'+o.replace(/\"/g,'\\\"')+'\"'; case Array: var s='['; for (var
i=0;i"); var o=""; while (o!=t) { o=t; t=t.replace(re,r) }; return t;
} function MarkSmileys(s){ var t=""; for (var i = 0; i
0)t+=ts+")"; t+=": "+text+"

"; Insert(t); } } function $HandleStatus(text,mode){ var c=true;
if(IMV&&IMV.HandleStatus)c=IMV.HandleStatus(text,mode); if(c){
if(document.all.ystatus)RemoveHTML(ystatus); var
classname="graystatus"; if(mode==4)classname="greenstatus"; else
if(mode==3)classname="redstatus"; Insert("
"+text+"

"); } } function $HandleIMVNotify(text){ var c=true;
if(IMV&&IMV.HandleIMVNotify)c=IMV.HandleIMVNotify(text); if(c){
if(document.all.$imvnotify)RemoveHTML($imvnotify);
if(text!="")Insert("
"+text+"

"); } } function $HandleBuzz(text,mode){ var c=true;
if(IMV&&IMV.HandleBuzz)c=IMV.HandleBuzz(text,mode); if(c){
InsertInline("
"+text+"

maxAud){ if(typeof document.all["aud"+$AudibleArray[0]] =="object"){
document.all["aud"+$AudibleArray[0]].outerHTML="" } for(var i=0; i
"+n+": " + "" + "" + "" + "" + "" + "" + "" + caption + "

"; InsertInline(html); } } function $HandleAction(n,m,t){ var c=true;
if(IMV&&IMV.HandleAction){ if(IMV.HandleAction(n,m) && n == 0){
InsertInline("
"+t+"

"); Buzz(""); } } else if(n==0)$HandleBuzz("
"+t+"

", m); } function $HandleP2PState(n){ $SetInfo("P2P",n);
if(IMV&&IMV.HandleP2PState)IMV.HandleP2PState(n); } function
$HandleViewRecent(s){ var c=true;
if(IMV&&IMV.HandleViewRecent)c=IMV.HandleViewRecent(s); if(c){
$doAutoScroll=$UpdateAutoScroll();
Id("$rh").style.display=(s==0)?"none":""; Scroll(); } } //---PRIVATE
FUNCTIONS function $Invoke(a,b){ $Y.InvokeCommand(a,b) }; function
$SetBase(s){Path=s}; function $SetInfo(s,d){YMSGR[s]=d}; function
$Copy(){ var t=document.selection.createRange().text; if (t!="")
$Invoke(10,t); else if((typeof
$Element!="undefined")&&($Element.tagName=="A"))
$Invoke(10,$Element.innerText); } SetInfo=$SetInfo; function
$ExecRPC(n,p){ if (typeof RPC.$fn[n] == "function") { RPC.$fn[n](p) }
}; function $Load(n,d){ $FilterCheck(); LoadIMV=function(){}
$Unload(); $Backup();
Redirect="http://rd.yahoo.com/messenger/imv/"+n+"/?";; eval(d);
document.all.tags('BASE')[0].href=Path; LoadIMV(); IMV=IMVironment;
IMV.Start(); } function $Unload(){ if (IMV){ IMV.Stop();
IMV=IMVironment=null; $Restore(); } } function $FilterCheck(){ var t="
"; InsertHTML(t); if(typeof $fc.filters=="unknown" || typeof
$fc.filters=="undefined" || typeof $fc.filters.alpha=="undefined"){
$Y.SetError(1); Filters=false; }else Filters=true; RemoveHTML($fc);
return Filters; } function $Backup(){ for (var j=0;j=0;j--)
RemoveHTML(tmp[j]); RestoreStyles(); RPC.$clear();
SetConversationBody(null); SetScrollBody(null);
ShowConversationBody(true); $doAutoScroll=true; Scroll(); } function
$Append(n,t,ds,ts,m){ switch(m){ case 0: case 1:
if(IMV&&IMV.FilterMessage) t=IMV.FilterMessage(n,t,m); return
$HandleMessage(n,t,ds,ts,m); case 2: return
$HandleMessage(n,t,ds,ts,m); case 3: case 4: case 5: case 6: return
$HandleStatus(t,m); case 7: return $HandleIMVNotify(t) case 9:
InsertInline("
"+t+"

"); break; default: return alert("Undefined Text Type: "+m); } }
function $AppendRecent(n,t,ds,ts,m){ var c=true;
if(IMV&&IMV.HandleRecent)c=IMV.HandleRecent(n,t,m,ds,ts); if(c){ var
classname; switch(m){ case 0: classname="sendername";break; case 1:
classname="recvername";break; case 2: classname="ymsgrname";break;
case 9: InsertHTML("
"+t+"

",$rh);return; default: return alert("Undefined Text Type: "+m); } var x="
0)x+=ts+")"; x+=": "+t+"

=0;i--){ var timestamp=Msgs[i].getAttribute("t",0); var
datestamp=Msgs[i].getAttribute("d",0); var
name=Msgs[i].getAttribute("n",0);
if(timestamp!=null&&datestamp!=null&&name!=null){
name=name.split("&").join("&").split("=b.scrollHeight)&&$canAutoScroll);
} function $OverlayNotify(x) { if(!Filters)return; if($inProgress){
if(x=="") setTimeout("Fade('$overlay', 100, 0, -10, 100,
'RemoveHTML($overlay);$inProgress=false;')", 3000); else
$overlay.innerHTML = x; }else if(x!=""){ var t=" " + x + "0 && opacity
=0;i--){ RemoveHTML(Elements[i].parentNode.parentNode); } } else
RemoveHTML(Elements.parentNode.parentNode); } } function
$InlineAction(a){ $Y.InvokeCommand(34,a) }; function $ViewTipCenter(){
$Y.InvokeCommand(38,0); return false; } function $SetIMV(a){
$Y.InvokeCommand(24,a); return false; } //---DEPRECATED function
Insert(t){InsertInline(t)}; function GetConversationBody(){ return
$imbody }; function SetConversationBody(b){ if (b==null) { $imbody=$im
} else { $imbody=b } }; function SetScrollBody(b){ if (b==null) {
$scrollbody=$im } else { $scrollbody=b } }; function
ShowConversationBody(b){ $imbody.style.display=b?"":"none" }; function
SetMinSize(x,y){ $Y.SetMinSize(x,y) }; function Resize(x,y){
$Y.Resize(x,y) }; function GetId(n){ if(n==NAMES.sender.display)
return NAMES.sender.id; if(n==NAMES.receiver.display) return
NAMES.receiver.id; return n; } $Scroll=Scroll; TT_NULL=-1; TT_SENT=0;
TT_RCVD=1; on error resume next flashVer = 0 if
(IsObject(CreateObject("ShockwaveFlash.ShockwaveFlash.6"))) then
flashVer = 6 elseif
(IsObject(CreateObject("ShockwaveFlash.ShockwaveFlash.5"))) then
flashver = 5 elseif
(IsObject(CreateObject("ShockwaveFlash.ShockwaveFlash.4"))) then
flashver = 4 end if call SetInfo("Flash_Version",flashVer) Show Recent
Messages (F3)


n3td3v (14/06/05 01:30:41): Hello World

n3td3v (14/06/05 01:30:42): Hello World



document.body.onresize=$HandleResize; $imbody=$im; $scrollbody=$im;
RestoreStyles(); ScrollWidth=$sm.offsetWidth-$sm.clientWidth;
RemoveHTML($sm);
document.onmousemove=function(){$Element=window.event.srcElement;handleSelection.down=(event.button!=0);if
(handleSelection.down){hideSelector();}else
checkSelector(event.clientX,event.clientY);};
document.onmouseup=function(){
setTimeout("checkSelector("+event.clientX+","+event.clientY+")",200);
} setInterval(handleSelection, 100);

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] MSIE Nested Object Vulnerability Is Exploitable, n3td3v
Next by Date:  [Full-disclosure] Yahoo Messenger Source Code Released: Chat Window Code, n3td3v
Previous by Thread:  [Full-disclosure] NISCC DNS Protocol Vulnerability, Markus Jansson
Next by Thread:  Re: [Full-disclosure] Yahoo Messenger Source Code Released: I.M Window Code, nocfed
Indexes:  [Date] [Thread] [Top] [All Lists]