Method discovery in SAJAX can be slightly tricky, because the methods are not defined in a
standard, separately included file. However, every method SAJAX exposes is prefixed with
x_. For example, if a method named foobar in the web application is exposed by SAJAX, the
client-side stub will be called x_foobar. Typically, the list of method definitions is
embedded in the first page requested from the application. For example, in an ASP
application the methods would usually be defined in www.example.com/application/
index.asp.
SAJAX can be a difficult framework to identify because it does not include a standard
script file. Instead of looking for a sajax.js or a similar identifying file, you need to
search the initial pages returned by the application for script common to the SAJAX
framework. An example of such script is shown here:
// remote scripting library
// (c) copyright 2005 modernmethod, inc
var sajax_debug_mode = false;
var sajax_request_type = "POST";
function sajax_init_object() {
SAJAX is available at www.modernmethod.com/sajax/.
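The two steps above (fingerprinting the generated script and then harvesting the x_ stubs) are easy to automate over responses captured in a proxy. The following Python script is an added example, not code from the book or from the SAJAX project: the two sample responses are constructed for the demo, and while the signature lines and the x_ naming convention come from the text, the stub bodies, the call_server helper and the method names inside the sample are invented.

```python
"""Fingerprint SAJAX from captured responses and enumerate its x_ stubs.

Added example (not code from the book or from the SAJAX project). The two
sample responses below are constructed for this demo; only the signature
lines and the x_ naming convention come from the text above. The stub
bodies, call_server() and the method names are invented.
"""
import re

# Signature strings that SAJAX's generated client-side script carries near
# the top of the page. Requiring several of them together is far less noisy
# than matching any one in isolation.
SAJAX_SIGNATURES = (
    "remote scripting library",
    "modernmethod",
    "sajax_debug_mode",
    "sajax_request_type",
    "sajax_init_object",
)

# SAJAX names each client-side stub x_<server method>; capture the method.
_STUB_RE = re.compile(r"\bfunction\s+x_([A-Za-z_]\w*)\s*\(")


def fingerprint_sajax(body: str, min_hits: int = 3) -> dict:
    """Return which signature strings appear in body and whether that is
    enough (min_hits or more) to call the page SAJAX-generated."""
    lowered = body.lower()
    hits = [s for s in SAJAX_SIGNATURES if s in lowered]
    return {"is_sajax": len(hits) >= min_hits, "hits": hits}


def discover_sajax_methods(body: str) -> list:
    """Server-side method names exposed through x_ stubs, in page order,
    without duplicates. A stub named x_foobar maps to server method foobar."""
    methods = []
    for match in _STUB_RE.finditer(body):
        name = match.group(1)
        if name not in methods:
            methods.append(name)
    return methods


def scan_responses(responses) -> dict:
    """Walk (url, body) pairs in the order the proxy saw them and stop at the
    first SAJAX-generated page, which is where the stubs normally live."""
    for url, body in responses:
        fp = fingerprint_sajax(body)
        if fp["is_sajax"]:
            return {"url": url, "hits": fp["hits"],
                    "methods": discover_sajax_methods(body)}
    return {"url": None, "hits": [], "methods": []}


# Constructed sample: what index.asp might return from a SAJAX-backed app.
SAMPLE_INDEX_ASP = """<html><head><script type="text/javascript">
// remote scripting library
// (c) copyright 2005 modernmethod, inc
var sajax_debug_mode = false;
var sajax_request_type = "POST";
function sajax_init_object() { /* body omitted in this sample */ }
// wrapper for foobar
function x_foobar() { return call_server("foobar", x_foobar.arguments); }
// wrapper for get_user_list
function x_get_user_list() { return call_server("get_user_list", arguments); }
function x_foobar() { /* duplicate stub, must not be listed twice */ }
function xhr_helper() { /* not a stub: no x_ prefix */ }
</script></head><body>hello</body></html>"""

# Constructed sample: an unrelated page that happens to use XMLHttpRequest.
SAMPLE_PLAIN_PAGE = """<html><head><script>
var request_type = "POST";
function init_object() { return new XMLHttpRequest(); }
</script></head><body>plain</body></html>"""


if __name__ == "__main__":
    captured = [
        ("http://www.example.com/application/index.asp", SAMPLE_INDEX_ASP),
        ("http://www.example.com/application/about.asp", SAMPLE_PLAIN_PAGE),
    ]
    print(scan_responses(captured))
```

In practice the (url, body) pairs come from the proxy's saved responses, in request order, so the first hit is normally the application's entry page. The x_ prefix on its own is a weak indicator (any developer may name a function that way), which is why scan_responses only harvests stubs from pages that also carry the SAJAX signature lines.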
156 Hacking Exposed Web 2.0
Framework Identification/Method Discovery Example
The following is an example of how to use a browser and proxy combination to identify
the framework in use by an AJAX application, as well as discover methods it makes
publicly available.