https://github.com/jsrei/javascript-window-listener-library
javascript逆向开发基础组件,监听window的变化
https://github.com/jsrei/javascript-window-listener-library
crawler js-library js-reverse reverse-engineering web-security-research
Last synced: 11 months ago
JSON representation
javascript逆向开发基础组件,监听window的变化
- Host: GitHub
- URL: https://github.com/jsrei/javascript-window-listener-library
- Owner: JSREI
- License: mit
- Created: 2022-07-26T05:44:14.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-02-11T17:41:50.000Z (about 2 years ago)
- Last Synced: 2025-03-29T13:04:56.577Z (12 months ago)
- Topics: crawler, js-library, js-reverse, reverse-engineering, web-security-research
- Language: JavaScript
- Homepage:
- Size: 17.6 KB
- Stars: 15
- Watchers: 1
- Forks: 7
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# javascript逆向开发基础组件: window监听器
# 一、 简介
用于监听window的变化,目前只有新增全局变量监控,最初是为了用在javascript hook库中实现对window变量的proxy功能。
# 二、Example
```js
(async () => {
const monitor = new WindowMonitor();
// 在window新增变量时会触发此处传入的Listener函数,Listener函数可以有多个
await monitor.addWindowListener(key => {
console.log(new Date(), key);
});
// 启动监控器,其实就是个while循环不断的检查window上是否有新增变量
await monitor.startWindowMonitor();
})();
const chars = "ABCDEFGHJKMNPQRSTWXYZ"
function randomString(length) {
length = length || 100;
const charArray = [];
for (let i = 0; i < length; i++) {
charArray.push(chars.charAt(Math.floor(Math.random() * chars.length)));
}
return charArray.join("");
}
function genGlobalVars() {
window[randomString(40)] = randomString(6);
setTimeout(genGlobalVars, Math.random() * 10)
}
setTimeout(() => {
genGlobalVars();
}, Math.random() * 10)
```
# 三、原理
其实原理简单粗暴,就是每隔一段时间遍历window对其所有属性做一个快照,然后前后快照做diff,就能够找出来新增的变量或者删除的变量,对于第一个快照会认为是初始化,这样就能够把默认的属性给识别出来不触发新增事件。