0

I am suspecting that a popular javascript extension (which I run through GreaseMonkey) is introducing adware into my browser (Firefox). Before I report this to the original developers of the extension (or alternately report the developers!), I want to ensure that their code contains adware. Their code is very large and contains several javascript files. Is there some way to scan and detect adware inside such a codebase?

shivams
  • 923
  • 12
  • 27
  • This question is not suitable for this forum, it is kind of a discussion, not suitable for here – Shreyan Mehta Nov 05 '19 at 11:41
  • 1
    @ShreyanMehta The question is objective in nature with a clear goal: *what is the method of scanning javascript files for adware*? – shivams Nov 05 '19 at 11:46
  • iirc Greasemonkey just has simple userscripts so your claim that you're running a multi-file extension through it sounds odd. Anyway, whatever's going on I'd check the network tab in the dev console to see if there are unnecessary API calls to unknown servers. – Andy Nov 05 '19 at 11:46
  • @Andy the user-script, in case here, fetches files from an online repository. – shivams Nov 05 '19 at 11:47
  • Then I would remove that script because it sounds like a security nightmare. – Andy Nov 05 '19 at 11:48
  • @Andy Yes. But the script and the whole repository is open-source. And it's a well known script, used "relatively" widely. – shivams Nov 05 '19 at 11:49

1 Answers1

0

I would inspect the suspect ad elements and find out their source URI, then search for that adress (or parts of it) in the JS files.

MiK
  • 918
  • 4
  • 16
  • Thanks for your answer. However, the adware doesn't display ads on web pages. Rather, it randomly injects ads on hyperlinks of web pages, and it does that with very low frequency (i.e. it happens sometimes). So, normally, detecting the web-pages doesn't show anything malicious. – shivams Nov 06 '19 at 15:36
  • First you should find out the method of injection, i.e. does it change the src attribute of the a-element or does it overlay an onclick event handler. Check in the developer console by inspecting the element. Depending on the coding style of the script (JS/Jquery/etc), you can then search for the spot where the a-element is manipulated. – MiK Nov 07 '19 at 07:43