-3

If I wanted to hook calls to functions like eval and setTimeout in JavaScript to get things like the code eval is going to execute and the function setTimeout is going to call, where would I start?

The scenario is: I go to a webpage in Chrome and I want a breakpoint set at each of these points. They may, however, be obfuscated (potentially malicious), so I can't just search the source for those kinds of calls.

Wouldn't I be able to use Chrome directly to do this, or would I really need to create a hook into V8 to capture these calls to specific JS functions?

geekscrap

1 Answer

0

There is no way to intercept all code execution events. You would have to modify the sources.

That said, both eval and setTimeout are just functions, installed as configurable properties on the global object. You can overwrite them with wrappers:

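```js
// Keep a reference to the built-in before replacing the global property.
var original_eval = eval;
eval = function(str) {
  console.log("eval was called with: " + str);
  // Calling through the saved reference is an indirect eval (global scope).
  return original_eval(str);
};
```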

Note that there is a big conceptual difference between eval and setTimeout: the former takes fresh source code, the latter can only schedule calls to existing functions (that might have been created with eval).

There is also the Function constructor, which is similar to eval.

jmrk
  • Thanks, but since it's not my code I'm going to be debugging and I have no idea of the state it'll be in, I can't really wrap them. – geekscrap Mar 01 '18 at 08:11
  • When you mean modify the sources do you mean the JavaScript engine, V8? To be honest that's what I was thinking I would need to do in order to catch all calls. So, where would I start in there?! – geekscrap Mar 01 '18 at 08:13
  • 1
    For eval, maybe try adding `isolate->debug()->HandleDebugBreak(kIgnoreIfTopFrameBlackboxed);` to `BUILTIN(GlobalEval)` in (v8)/src/builtins/builtins-global.cc? Not sure whether that'll work, I've never tried it. `setTimeout` is not in V8, and I'm not sure what would be the best way to hook into it. – jmrk Mar 01 '18 at 18:22
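
The wrapper approach from the answer, extended to the `Function` constructor and `setTimeout` for analysing an untrusted script. This is an added example, not code from the answer or from V8; `installHooks` and `onCall` are hypothetical names, and it assumes the hooks are installed before the script under analysis runs. Putting a `debugger;` statement in the `onCall` handler gives a breakpoint at each call while DevTools is open.

```javascript
// Added example (not from the answer): hook the dynamic-code entry points.
// installHooks and onCall are hypothetical names.
function installHooks(g, onCall) {
  const saved = {
    eval: g.eval,
    Function: g.Function,
    setTimeout: g.setTimeout,
  };
  const proto = saved.Function.prototype;

  // The wrapper turns every call into an indirect eval: the code runs in
  // global scope and cannot see the caller's local variables.
  g.eval = function (src) {
    onCall({ api: "eval", code: String(src) });
    return saved.eval(src);
  };

  // The last argument of Function(...) is the body; a Proxy keeps
  // `new Function`, plain calls and `instanceof Function` working.
  const report = (args) =>
    onCall({ api: "Function", code: String(args[args.length - 1] ?? "") });
  const hooked = new Proxy(saved.Function, {
    apply(target, thisArg, args) {
      report(args);
      return Reflect.apply(target, thisArg, args);
    },
    construct(target, args) {
      report(args);
      return Reflect.construct(target, args);
    },
  });
  g.Function = hooked;
  // (function () {}).constructor reaches the constructor without the global name.
  proto.constructor = hooked;

  // Browsers accept a string (compiled like eval) or a function here.
  g.setTimeout = function (handler, ...rest) {
    onCall({ api: "setTimeout", code: String(handler) });
    return saved.setTimeout.call(g, handler, ...rest);
  };

  // Undo everything so the page can be left in its original state.
  return function restore() {
    g.eval = saved.eval;
    g.Function = saved.Function;
    proto.constructor = saved.Function;
    g.setTimeout = saved.setTimeout;
  };
}
```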