I'm excited to share a discovery about one way to go about tackling a big
and arcane site.
When I'm sitting in jdb, the JS routines that have been digested into
memory can be echoed:
* ok(window)
a,b,c,d,e,f,blah
* blah
* function blah (a) { b = arcaneMethod(a) }
So then simple code injection is possible, so that the arguments to blah
can become less opaque. Just overwrite blah from the jdb command line:
* function blah (a) { exportable_a = a; b = arcaneMethod(a) }
Now I can find out about the arguments to blah:
* exportable_a
* [Object object]
And it will also be legal to pipe this argument back in:
* blah(exportable_a)
And it will also be legal to try things from that function step by step
like:
* b=arcaneMethod(exportable_a)
In case I know blah produces a runtime error but I don't know which of
its six subsidiary calls raises the error, now I can try each one and get
down to the root cause more quickly!
Kevin
_______________________________________________
Edbrowse-dev mailing list
[email protected]
http://lists.the-brannons.com/mailman/listinfo/edbrowse-dev
