Filed Under #hackingthebrowser

Reverse Engineering an Extension

I’m reverse engineering the Tab Snooze extension. This extension lets you “close unnecessary tabs and make them magically reappear when you need them.”

Here is the file system for this extension. I downloaded the files using Chrome Extension Source Viewer. alt text

Looking in the manifest.json file, it requires the following permissions:

"permissions": [
        "tabs",
        "alarms",
        "storage",
        "notifications",
        "idle",
        "<all_urls>"
    ]

It has a browser action which ‘snoozes’ the current tab and background script ‘background.js’ that uses the jquery and moment.js libraries. The content-script.js creates an angular.js app (which I don’t know anything about) that handles the majority of the extension’s functionality. I believe the background.js script has functions that deal with getting info from or changing the browser. It contains functions such as getting all existing tabs or creating a new tab.

The manifest.json also includes the commands API which lets you create keyboard commands. Each command references a function defined in background.js

"commands": {
        "_execute_browser_action": {
            "suggested_key": {
                "default": "Alt+S"
            },
            "description": "Snooze active tab"
        },
        "repeat_last_snooze": {
            "suggested_key": {
                "default": "Alt+Shift+S"
            },
            "description": "Repeat last snooze action"
        },
        "open_snoozed_list": {
            "suggested_key": {
                "default": "Alt+Shift+L"
            },
            "description": "Open snoozed tabs list"
        },
        "new_todo_page": {
            "suggested_key": {
                "default": "Ctrl+Shift+1"
            },
            "description": "New todo tab",
            "global": true
        }
    }
Written on April 21, 2018

Reverse Engineering a Bookmarklet

I tried to reverse engineer this Page Zipper bookmarklet. This is the original code I got from copy pasting the bookmarklet:

javascript:(function()%7Bif(window%5B%27pgzp%27%5D)%7B_pgzpToggleBookmarklet()%3B%7Delse%7Bwindow._page_zipper_is_bookmarklet%3Dtrue%3Bwindow._page_zipper%3Ddocument.createElement(%27script%27)%3Bwindow._page_zipper.type%3D%27text/javascript%27%3Bwindow._page_zipper.src%3D%27//www.printwhatyoulike.com/static/pagezipper/pagezipper_10.js%27%3Bdocument.getElementsByTagName(%27head%27)%5B0%5D.appendChild(window._page_zipper)%3B%7D%7D)()%3B

Decode with the decoder

Using this decoder:

javascript:(function(){if(window['pgzp']){_pgzpToggleBookmarklet();}else{window._page_zipper_is_bookmarklet=true;window._page_zipper=document.createElement('script');window._page_zipper.type='text/javascript';window._page_zipper.src='//www.printwhatyoulike.com/static/pagezipper/pagezipper_10.js';document.getElementsByTagName('head')[0].appendChild(window._page_zipper);}})();

De-obfuscate with JS Nice

Using JS Nice:

'use strict';
javascript: {
  (function() {
    if (window["pgzp"]) {
      _pgzpToggleBookmarklet();
    } else {
      /** @type {boolean} */
      window._page_zipper_is_bookmarklet = true;
      /** @type {!Element} */
      window._page_zipper = document.createElement("script");
      /** @type {string} */
      window._page_zipper.type = "text/javascript";
      /** @type {string} */
      window._page_zipper.src = "//www.printwhatyoulike.com/static/pagezipper/pagezipper_10.js";
      document.getElementsByTagName("head")[0].appendChild(window._page_zipper);
    }
  })();
}
;

Analysis

When the bookmarlet is executed, the bookmarklet creates a script element that references the main PageZipper functionalities script and adds it to the head of the page. The script with the main functionalities is www.printwhatyoulike.com/static/pagezipper/pagezipper_10.js. The check for if (window["pgzp"]) is so that the bookmarklet doesn’t execute again if it’s already been executed on the page. If you click it while it’s already running, it stops running due calling the function _pgzpToggleBookmarklet(). This bookmarklet uses jQuery.

Written on April 18, 2018