this post was submitted on 08 Aug 2023
64 points (100.0% liked)
Firefox
17903 readers
92 users here now
A place to discuss the news and latest developments on the open-source browser Firefox
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
would it help to curl down the source html and scripts? I'm no professional at dealing with malicious code, but i would definitely recommend doing it inside a clean VM or docker container or something
curl the source down works, but it makes things more complicated. The source code is obfuscated making it incredibly hard to read. This is where using the web debugging tools shine. If I want to figure out which code is trigger what, I can just look at the call stack. I also wanted to look at the internet traffic to see how things work from there. I could intercept all the HTTP requests but that wouldn't give things like the call stack. I think it would be much easier if there's a way stopping the debugger spamming trick.
ah ok makes sense. maybe after curling you can delete the debuggers/infinite loops in the scripts and then load all that locally into the browser for the tools? will just need to change the script sources go be your local copies