THE DEVIOUS VISITOR MONITOR - Explained!

 
Some of  you will no doubt be aware, that Reverse Code Engineering For Newbies uses a crafty/sneeky JavaScript routine to snatch it's visitors emails addresses and then email this information automatically to me each time they visit. 
 
This is not some sort of devious plot to sell this information to Micro$oft but instead, it's a way for me to know who some of you are.  It's no different to you signing a guestbook, but this way it's all done *almost* automatically and often without you realizing.
 

So what kind of information do I receive from you?

Here's what this JavaScript routine gets from YOUR browser, remember,  some web sites can and DO, get a whole lot more info from YOUR web browse than this simple JavaScript routine.
 

 

Below is a sample email I've received from this JavaScript Routine, just 1 of 4000 unique email addresses I've fished from you so far...

Subject: Devious Visitor Monitor
    Date: Wed, 26 Aug 1998 12:26:58 +0400
   From: "Vadim Kozlov" <vvkozlov#chat.ru@OPTProxy>
      To:  <greenway@proweb.co.uk>

PAGE=Code Reversing for Beginners & Newbies
REFERRER=http://www.hitbox.com/wc/world.100.HackingPhreaking.html
PLATFORM=Microsoft Internet Explorer 4.0 (compatible; MSIE 4.01; Windows NT)
LOADING_TIME=7.41 seconds
SUBMITTER=Click me to let me know you were here
 
   
There are a couple of things worth knowing about this JavaScript Routine.
 
This script will only work in browsers with JavaScript 1.1 or better (that is, Netscape 3.0+ and MSIE 3.01 Mac or MSIE 4.0 PC). Some older MSIE browsers will pop up an email window instead of just sending the email. Other non-JavaScript browsers like the AOL browser and the WebTV browser will send you an email if the visitor clicks the button. But all the categories will say "none" because they don't have JavaScript. But you can still get their email address from the email.

Now I come to the 'Click me to let me know you were here' button, placed on the same web page as this JavaScript routine.
 
Netscape Browsers, especially the later versions  blocks direct form.submit() calls to mailto forms which this JavaScript routine uses.  So, in this case if we also assign our JavaScript routine to a button and use the button's Click-method instead of form.submit method  then Netscape browsers don't catch on to our "Devious Monitor Trick. So for everyone who is wondering, "Does the button have to be there?", the answer is "YES".
 

The final question that you all may be asking is this: "Why does my browser warn me about 'Submitting a Form' via email each time I visit your index.html page?.

This script is NOT a stealth routine!". You have the option of configuring your browser to warn you when a form is being submitted. Every individual browser will have to turn it off by themselves. Devious Visitor Monitor can't do it for you. So the browser might show a warning message, but most of the time the visitors to the web page will probably just click OK not knowing what is going on.
 

If you can Cut & Paste text then you can use this JavaScript!
 


 
 
<!-- FOUR STEPS TO INSTALL DEVIOUS VISITOR MONITOR:
  1. paste designated code into HEAD tag of HTML document
  2. add onLoad event handler to BODY tag
  3. paste designated code into bottom of document
     right before end HTML tag
  4. change the action of the form you just pasted
     so that you receive the email  -->
 
 
<!- STEP ONE: paste this code into HEAD of your document ->

<HTML>
<HEAD>
<script language="JavaScript">
<!--
var startTime = new Date();
startTime = startTime.getTime();
var submissions = 0;

function checkForDuplicate() {
 if (document.form1) {
  document.form1.REFERRER.value = document.referrer;
  document.form1.PLATFORM.value = navigator.appName
   + " " + navigator.appVersion;
  submissions++;
  if (submissions > 1)
   return false;
  else
   return true;
 } else {
  return false;
 }
} // goes with function

function doneLoading() {
 var stopTime = new Date();
 stopTime = stopTime.getTime();
 document.form1.LOADING_TIME.value = ((stopTime - startTime) / 1000)
  + " seconds";
 document.form1.PAGE.value = document.title;
 document.form1.SUBMITTER.click(); // triggers submission of form
 // equivalent to form.submit(), but
 // Netscape blocks form.submit() calls to forms with mailto actions
 // this is a workaround for that problem
}

// -->
</script>
</HEAD>
 

<!-STEP TWO: add the onLoad event handler to your BODY tag->

<BODY onLoad="doneLoading()">
 

<!-STEP THREE: paste this code into bottom of HTML document  right before the end HTML tag  -->

<FORM name="form1"
 METHOD=post
 action="PLACE YOUR EMAIL ADDRESS HERE?SUBJECT=Devious Visitor Monitor"
 enctype="text/plain"
 onSubmit="return checkForDuplicate()">
<input type="hidden" name="PAGE" value="none">
<input type="hidden" name="REFERRER" value="none">
<input type="hidden" name="PLATFORM" value="none">
<input type="hidden" name="LOADING_TIME" value="none">
<input type="submit"
 name="SUBMITTER"
 value="Click me to let me know you were here">
</form>

</BODY></HTML>

<!-- STEP FOUR: change action of form from mailto:nobody@nowhere.com to your email address so that you receive the automatic emails that are generated -->


 
I am not the author of this Javascript routine and I don't know who wrote, I found it @: The JavaScript Source.com
 
 
[ Download Text version of this JavaScript]     [ RETURN ]
 
 


Page Created by: The Sandman