Zeroday 01100100011010010

I have some tricks that I use to unravel obfuscated code but came upon this one tonight from dwesemann at sans.org

function showme(txt) {
document.write(“<textarea rows=”50″ cols=”50″>”);document.write(txt); document.write(“</textarea>”);
}

It’s nice in that you simply replace escape or document.write(ln) with showme and it will create a text box. I normally use the extremely lazy method of replacing those methods with alert. It’s super safe and simple to type. I may adapt this into my routine though. Props to dwesemann on this.

BTW as a note to browser developers could you PLEASE let me select text from alerts that I could copy to clipboard?