Reputation: 145
Extracting Strings from script tag using javascript
How can i extract all the strings present in script tags. I want to extract each string and find whether any shellcode is present. But javascript uses several methods in declaring a string For example a string can be
var y="Some text";
var x1 = "3+4";
eval("\144\157\143\165\155\145\156\164"); //string given in eval();
It can be in a concatenated format
var x1 = "te ActiveX Co"; var x2 = "ntrol"; var x3 = x1 + x2;
var x4 = "Execu" + x3;
How can i identify each and every string even if it is defined in eval() or document.write() by using simple javacript code.
Upvotes: 1
Views: 435
Answers (1)
Reputation: 156384
This is a very complex problem for which there is no simple solution.
You could use a parser generator and the BNF definition of the ECMAScript language (surely you can find it on the web somewhere) to extract strings from the target source code.
[Edit] Since the linked parser generator is written in JavaScript and supports web browsers as a platform you can generate a custom ECMAScript parser, embed it in a page, and fetch all the embedded script source (e.g. $('script').map(function(){return $(this).text();})). Note that your custom parser could simply echo the parsed strings, e.g. via console.log(...).
Upvotes: 1
Related Questions
- How can I load script tags from a string?
- How to find "<script>" tag from the string with JAVASCRIPT/ regular expression
- How to extract string data from script tag, where script doesn't have any id?
- Get data from script tag
- Parse contents of script tags inside string
- Parse HTML string containing script tag and document.write
- extract string with java-script
- Extract HTML with javascript
- Extract script tags from a HTML string
- How to extract javascript contents