svent / jsdetox

A Javascript malware analysis tool
https://svent.dev/projects/jsdetox/

document.createElement #23

Open beyefendi opened 7 years ago

beyefendi commented 7 years ago

Hi svent,

I am trying to execute this one-line JavaScript:

document.createElement("div");

The error message is:

wrong number of arguments (given 2, expected 1) (Line 2)


/root/Desktop/jsdetox/ext/taka/lib/taka/dom/document.rb:30:in `createElement'
/root/Desktop/jsdetox/lib/framework/jsengine_v8.rb:81:in `block in []'
/usr/lib/ruby/vendor_ruby/v8/access/invocation.rb:16:in `methodcall'
/usr/lib/ruby/vendor_ruby/v8/access/invocation.rb:4:in `methodcall'
/usr/lib/ruby/vendor_ruby/v8/conversion/code.rb:33:in `block in call'
/usr/lib/ruby/vendor_ruby/v8/conversion/code.rb:23:in `call'
/usr/lib/ruby/vendor_ruby/v8/context.rb:99:in `Run'
/usr/lib/ruby/vendor_ruby/v8/context.rb:99:in `block (2 levels) in eval'
at <eval>:2:21
/usr/lib/ruby/vendor_ruby/v8/context.rb:99:in `block in eval'
/usr/lib/ruby/vendor_ruby/v8/context.rb:248:in `block (2 levels) in lock_scope_and_enter'
/usr/lib/ruby/vendor_ruby/v8/context.rb:245:in `HandleScope'
/usr/lib/ruby/vendor_ruby/v8/context.rb:245:in `block in lock_scope_and_enter'
/usr/lib/ruby/vendor_ruby/v8/context.rb:244:in `Locker'
/usr/lib/ruby/vendor_ruby/v8/context.rb:244:in `lock_scope_and_enter'
/usr/lib/ruby/vendor_ruby/v8/context.rb:204:in `enter'
/usr/lib/ruby/vendor_ruby/v8/context.rb:94:in `eval'
/root/Desktop/jsdetox/lib/framework/jsengine_v8.rb:215:in `execute'
/root/Desktop/jsdetox/app/controllers/backend.rb:32:in `block (2 levels) in <top (required)>'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:569:in `call'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:569:in `block in route'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:51:in `block (3 levels) in process_destination_path'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:876:in `route_eval'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:51:in `block (2 levels) in process_destination_path'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:51:in `catch'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:51:in `block in process_destination_path'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:25:in `instance_eval'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:25:in `process_destination_path'
(eval):134:in `block (2 levels) in inject_root_methods'
(eval):124:in `catch'
(eval):124:in `block in inject_root_methods'
/var/lib/gems/2.3.0/gems/http_router-0.10.2/lib/http_router/node/root.rb:92:in `[]'
/var/lib/gems/2.3.0/gems/http_router-0.10.2/lib/http_router.rb:119:in `block in call'
/var/lib/gems/2.3.0/gems/http_router-0.10.2/lib/http_router.rb:119:in `catch'
/var/lib/gems/2.3.0/gems/http_router-0.10.2/lib/http_router.rb:119:in `call'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:919:in `route!'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/application/routing.rb:909:in `dispatch!'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:794:in `block in call!'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `block in invoke'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `catch'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `invoke'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:794:in `call!'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:780:in `call'
/usr/lib/ruby/vendor_ruby/rack/session/abstract/id.rb:225:in `context'
/usr/lib/ruby/vendor_ruby/rack/session/abstract/id.rb:220:in `call'
/var/lib/gems/2.3.0/gems/sass-3.4.23/lib/sass/plugin/rack.rb:54:in `call'
/usr/lib/ruby/vendor_ruby/rack/head.rb:13:in `call'
/usr/lib/ruby/vendor_ruby/rack/methodoverride.rb:22:in `call'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/reloader.rb:250:in `call'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/logger.rb:388:in `call'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/showexceptions.rb:21:in `call'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:1417:in `block in call'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:1499:in `synchronize'
/var/lib/gems/2.3.0/gems/sinatra-1.3.6/lib/sinatra/base.rb:1417:in `call'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/router.rb:83:in `block in call'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/router.rb:76:in `each'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/router.rb:76:in `call'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:86:in `block in pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:84:in `catch'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:84:in `pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:53:in `process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:39:in `receive_data'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run_machine'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run'
/usr/lib/ruby/vendor_ruby/thin/backends/base.rb:73:in `start'
/usr/lib/ruby/vendor_ruby/thin/server.rb:162:in `start'
/usr/lib/ruby/vendor_ruby/rack/handler/thin.rb:19:in `run'
/var/lib/gems/2.3.0/gems/rack-1.6.5/lib/rack/server.rb:286:in `start'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/server.rb:45:in `start'
/var/lib/gems/2.3.0/gems/padrino-core-0.10.7/lib/padrino-core/server.rb:34:in `start'
./jsdetox:40:in `<main>'

I looked at your code and found this:

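      # Creates a new element node owned by this document.
      #
      # The tag name is supplied by the script being analysed, so it is
      # validated against the whole string. The pattern is anchored with
      # \A and \z because ^ and $ match at every line boundary in Ruby,
      # which would let a value such as "div\n<anything>" pass the check.
      #
      # NOTE(review): the report quoting this method shows an ArgumentError
      # ("given 2, expected 1") surfacing here; where the extra argument
      # originates is not visible from this method alone - confirm against
      # the caller in jsengine_v8.rb before changing the arity.
      #
      # @param tag_name [String] element name; must consist only of word characters
      # @return [Nokogiri::XML::Node] the new node, built with this object as its document
      # @raise [Taka::DOMException] with INVALID_CHARACTER_ERR when the name
      #   is empty, not a string, or contains any non-word character
      def createElement tag_name
        unless tag_name =~ /\A\w+\z/
          raise Taka::DOMException.new(Taka::DOMException::INVALID_CHARACTER_ERR)
        end
        Nokogiri::XML::Node.new(tag_name, self)
      end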