In my history, iI've used sort of javascript and vbscript to find vulnerabilities for sites. I detected that, using internet explorer under windows, it is possible to read/write windows registries.
So here are a technics to find if jaws is there:) more explanations here: http://www.securiteam.com/exploits/5FP080A5FM.htmlAlso if you detect that the user agent is ie and that operating system is windows you can generate a vb script instead of javascript
and use it like here: http://www.vbforums.com/showthread.php?t=292309 a more clear way you find here: http://www.mooienaam.nl/weblog/CA1F7392-91F7-45AC-8B2B-0F7078F74D6D.htmlAlso with the following script you can get for example the drives from a computer using javascript and internet explorer. And how a lot of people design pages using only internet explorer and a lot of them visit pages using internet explorer... I was confused to work in a webdesign company and to see that their mainly efort was on internet explorer testing, when I asked why we don't test other browsers like firefox..... They said... WTF with that sheet (sorry they words). I was very happy about their words because after the site was published in production environment, I taked it down 3 times by exploits and I liked to see them working to understand what happened there. Look that all my solution are on internet explorer, firefox does not suffer from all this vulnerabilities.
<HTML>
<HEAD>
<SCRIPT language=JavaScript>
function ShowAvailableDrives()
{
document.write(GetDriveList());
}
function GetDriveList()
{
var fso, s, n, e, x;
fso = new ActiveXObject("Scripting.FileSystemObject");
e = new Enumerator(fso.Drives);
s = "";
do
{
x = e.item();
s = s + x.DriveLetter;
s += ":- ";
if (x.DriveType == 3) n = x.ShareName;
else if (x.IsReady) n = x.VolumeName;
else n = "[Drive not ready]";
s += n + "<br>";
e.moveNext();
} while (!e.atEnd());
return(s);
}
</SCRIPT>
</HEAD>
<BODY>
<P>
<SCRIPT language=JavaScript> ShowAvailableDrives(); </SCRIPT>
</P>
</BODY>
</HTML>
----- Original Message -----
From: "DaShiell, Jude T. CIV NAVAIR 1490, 1, 26" <jude.dashiell@xxxxxxxx>
To: <programmingblind@xxxxxxxxxxxxx> Sent: Friday, February 12, 2010 8:51 PM Subject: RE: How to detect screen readers for a webpage? In that case, will anyone please explain to me why it is on Government Web sites I get messages about jaws having been detected? Provided screen readers get installed in expected default folders, it ought to be possible to search a connecting hard drive for the series of folders that hold screen reader executable files and other support files then act accordingly Rot47: <;F56]52D9:6==@?2GJ]>:=> -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of E.J. Zufelt Sent: Friday, February 12, 2010 13:42 To: programmingblind@xxxxxxxxxxxxx Subject: Re: How to detect screen readers for a webpage? Good afternoon Robert, In short, no. There is no way to detect the use of a screen-reader from a web-page. HTH, Everett Follow me on Twitter http://twitter.com/ezufelt View my LinkedIn Profile http://www.linkedin.com/in/ezufelt On 2010-02-12, at 1:35 PM, Robert Jaquiss wrote: Hello List: I am in the process of revamping the web site for VIEW International Foundation. I would like to include some audio files. I observe that when an audio file is activated, JAWS is still talking about the page. Is there a way to detect a screen reader, and either wait five seconds or figure out when it is done talking before playing the audio? Thanks in advance. Regards, Robert Jaquiss __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________View the list's information and change your settings at //www.freelists.org/list/programmingblind
