|
|
A pure javascript hack can't add or delete files (except for that sites cookie). On the other hand, javascript can be used to steal your username and password. If a cite allows users to post links, and doesn't properly sanitize user input, a hacker (or script kiddie) could insert a "cookie stealer" by using javascript entities. Also, IE supports VBscript, which is like javascript... read more.
But now many browser such Internet Explorer 6 SP2 OR Firefox can we set not to enabled javascripts function.
Also the syntax like WScript.CreateObject("Wscript.Shell") to create object that can manipulate system isnt supported by web browser. That syntax is the base part for vbs/js virus to take an action. So there is a little chans that infected by javascript/vbscript. Thing that we must take care is when some site is want to install software/ActiveX. If that site we didnt trust or the site has bad reputation, then dont install the software. It may contain a virus!. 
 One thing i learnt on work experience was the windows scripting shell and i'd say that all home users should disable it completely, or atleast zip the actually program that runs the scripts. CODE WScript.CreateObject("Wscript.Shell") If you disable the scripting engine then scripts such as this cant run even if your browser lets them. The only real reason for wscript to be enabled on any computer is if its part of a large-ish network because wscript can help to manage multiple computers very quickly but for home users its not really needed. if anyone wants to disable wscript there is a download from symantec that will do it for you http://www.symantec.com/security_response/...-011610-5007-99 It also further explains what ive said and the risks of wscript.
As time goes , hackers find their own way of getting their spyware and adware into other computers. I never experienced any such attack through my browsers yet.
Anywway, thaks for the info .. QUOTE(techclave @ Aug 30 2006, 10:33 AM)  As time goes , hackers find their own way of getting their spyware and adware into other computers. I never experienced any such attack through my browsers yet. Anywway, thaks for the info .. I use IE explorer 7, apparently its safer than Mozilla
you know jvscript isn't that powerful as a matter of fact jvscript is very limited the most damage you can do with jvscript is problably just delete or add some files you can't really hijack a pc with jvscript now if you use java or flash action script then you have the power to hijack and totaly hack somones pc
QUOTE(ishwar @ Sep 20 2006, 04:29 PM) I use IE explorer 7, apparently its safer than Mozilla Just give the hackers some time to find exploitable stuff in it and it'll be the same sh*t as IE6... just a matter of time I guess. The CreateObject sutff probably won't work, but soon there will be something else to exploit and get your pc some trouble The good thing is that Mozilla updates FireFox Browser as soon as they find some critical problem in it. Now, for coincidence there is a Firefox update I have to do here, I clicked 'Later' because I'm doing some important stuff here xDI dunno if IE does it too, this whole update thing, but if if does not, I think it should
I can't imagine javascript doing much damage to a computer. If you're really paranoid, you can turn off javascript, which won't really affect your browsing experience.
if you use firefox noscript is a good security measure, it only lets the javascript you want through, once it's saved you don't have to do it again for that site, so after a week of browsing most sites you can just block or allow the ones you want to and then only do it on rare occasions,
did that make any sense?
yes java script can be used to run attacking malicious scripts in your browser that can create havoc to your computer.
To escape from this use the latest browsers like IE 7 or Opera and even Firefox 2 to warn you of websites that have these malicious scripts in it. Latest Entries
A pure javascript hack can't add or delete files (except for that sites cookie). On the other hand, javascript can be used to steal your username and password. If a cite allows users to post links, and doesn't properly sanitize user input, a hacker (or script kiddie) could insert a "cookie stealer" by using javascript entities.
Also, IE supports VBscript, which is like javascript in the fact it's run client side, yet is more like visual basic in form and function, and thereby more powerfull.
But it can hurt you emotionally until throwing up...
Have you ever found about the GNAA last measure unified X code? Hope not... So freaking sick... Let's say it's a compilation of all the sick stuff you find on internet (goat**, tub****, tub***) and more sick evil eew stuff... When you watch it you get "eyeraped" (my friend said so), also, the little bonus factor is that when you watch it there is a embedded soundclip that loops really loud of a man screaming "HEY EVERYBODY, I AM WATCHING GAY PORNO" so everyone around you notices this and goes watch what the hell you are doing and they find you ahead that ton of images. SICK images. All popping up on your web browser and lots of tabs and more stuff and the windows move around, making it difficult. All that stuff increases highty your adrenaline. BTW, see how javascript can do magic? I forgot to mention that it opens your e-mail client a lot of times like your web browser windows and it induces you to send an e-mail to the GNAA so you join them... Perfect prank, JS seems to do a lot of stuff. :S Another fact is that GNAA is: Gay *BLEEP* American Association. This is enough to say that the website is totally unsafe... Watch out for those stupid guys. Please! xD
A firefox addon called "NoScript" can let you choose what sites to block by default, and what sites to allow. I use that and I find that it's really useful, especially when I'm paranoid on a site. Although javascript doesn't do much harm to browsers or computers...
javascript is not really dangerous. I think it depends on the browser that you use.
IE supports many javascript functions. While it is good to have additional function in javascript, it can be dangerous for the user when hacker finds a way to do malicious thing. Just choose your browser wisely.
Recent Queries:-
Keywords : attack javascript javascripts webpage attack
Well lets start off by saying these 2 people are complete morons. The first guy who had this thing I was paranoid! After all that cleaning my computer from spyware I realized the following codes Looking for attack, javascript, javascripts, webpage, attack
|
|
 Attack Through Javascript. - Javascripts on a webpage is enough to attack. |
| ADD REPLY / Got an Opinion! | a humble request :-) | RAPID SEARCH! | Free Hosting | [X] |
|
Express your Opinions, Thoughts or Contribute more info. to help others. Ask your Doubts & Queries to get answers, So that "Together We can help others!" |
Register FREE for AD-FREE forum, Create your own topics, Ask Questions, track topics, setup subscriptions & notifications and Get a Free Website w/ Email and FTP. | 500MB Space *No Ads*, CPanel, FTP, PHP, MySQL, EMails - 100% FREE |
|