Hello there!<br>
<b>(XSS) Uses for string.fromCharCode</b><br>
<list>
<li>you can just put it into an document.write tag if quotes are backslashed. this function doesn't need any quotes to run, at all!
</li>
<li>if document.write is blocked, and/or a tag/function/word you want to use you can String.fromCharCode javascript functions. like "document.write("&lt;iframe src=bla.htm&gt;&lt;/iframe&gt;");" and then eval it.<br>
eval is a function that parses the code inside a string.<br>
so you just parse some string that contains blocked words (and quotes) with the function eval.
</li>
<li>if eval is blocked just use window.setInterval(),window.setTimeout() or window.execScript(), they all do basicially the same thing as eval, just that they do it in a specific way:<br>

window.setInterval() repeats the code in a specific interval (the second parameter) until you window.clearInterval() it.<br>
example:
<pre>
var a = String.fromCharCode(your code here);
var inter = window.setInterval(a, 1);
</pre>
make sure to add a "window.clearInterval(inter);" to your String.fromCharCode generated code, so it doesnt repeat it. unless you want it to repeat, of course.<br><br>

window.setTimeout() parses the code after a specific time.<br>
example:
<pre>
var a = String.fromCharCode(your code here);
window.setTimeout(a, 1);
</pre>
this will run the code straight after the page is loaded because the second parameter is set to 1, wich is 1/1000 of a second.<br><br>

window.execScript() does exactly the same thing like eval, only that you can choose between VBScript and Javascript in the second Parameter. "JScript" for Javascript, and "VBScript" for VBScript (heh)<br>
example:
<pre>
var a = String.fromCharCode(your code here);
window.execScript(a, 'Jscript');
</pre>
of course, you have to String.fromCharCode the second parameter as well, if quotes are backslashed.


</li>

</list>
<b><a href="/noquote.php">Back</a></b>