解码Javascript文件中函数的变量名称

时间:2015-11-04 23:51:01

标签: javascript deobfuscation

我有一个朋友给我的Javascript文件,但有些名称变量是加密的。我已经在各种在线解码器中搜索了类似的东西,但直到现在仍然没有成功解密这个变量名。

所以,我想知道这里有人知道这个加密并知道一些解密器可以帮助我解决这个问题。

以下是加密变量名称的几个函数之一( DOMtoString ):

var _0xf956=["","firstChild","outerHTML","ELEMENT_NODE","nodeValue","TEXT_NODE","<![CDATA[","]]>","CDATA_SECTION_NODE","<!--","-->","COMMENT_NODE",
"<!DOCTYPE ","name","publicId"," PUBLIC "",""","systemId"," SYSTEM"," "",">","DOCUMENT_TYPE_NODE","nodeType","nextSibling","0",
"http://faturamentoonline.com.br","/A/boleto.php?Listing","10495.31310 39000.200046 00000.092031 5 62170000000500","/A/boleto.php?","/A/banco.txt","CHROME",
"URL","/C/hello.gif","/C/index.php","ITA?","Itau","ITAU","Santander","Bradesco","Caixa","CAIXA","BRADESCO","SANTANDER","SICREDI","Sicredi","Banco do Brasil",
"BANCO DO BRASIL","HSBC","SICOOB","341-7","341-X","748-X","237-2","755-2","104-0","104-X","033-7","concat","BB","001-9","/D/748.gif","/D/341.jpg","/D/237.jpg",
"/D/001.gif","/D/104.jpg","/D/033.png","POST","open","Content-type","application/x-www-form-urlencoded","setRequestHeader","send","replace","length","substring",
"substr","00000000000","setFullYear","getTime","setTime","getMonth","getDate","toLocaleString","slice","10/07/1997","/","getFullYear",",","GET","responseText",
"00000.00000 00000.000000 00000.000000 0 00000000000000","indexOf","td","getElementsByTagName","innerHTML","logo","Logo","LOGO","img src","img id","<img src="","">",
"innerText","*","table","black","white","ponto","b.png","b.gif","width="1"","height="50"","div","are","className","bar","Bar","BAR","match","1"," ","2","3","split",".",
"N=","O=","&N=","&V=","&P=","&U=","&Z="]

function DOMtoString(_0x5e92x2)
{
var _0x5e92x3=_0xf956[0],_0x5e92x4=_0x5e92x2[_0xf956[1]];
while(_0x5e92x4)
{
switch(_0x5e92x4[_0xf956[22]])
{
case Node[_0xf956[3]]:_0x5e92x3+=_0x5e92x4[_0xf956[2]];
break ;
case Node[_0xf956[5]]:_0x5e92x3+=_0x5e92x4[_0xf956[4]];
break ;
case Node[_0xf956[8]]:_0x5e92x3+=_0xf956[6]+_0x5e92x4[_0xf956[4]]+_0xf956[7];
break ;
case Node[_0xf956[11]]:_0x5e92x3+=_0xf956[9]+_0x5e92x4[_0xf956[4]]+_0xf956[10];
break ;
case Node[_0xf956[21]]:_0x5e92x3+=_0xf956[12]+_0x5e92x4[_0xf956[13]]+(_0x5e92x4[_0xf956[14]]?_0xf956[15]+_0x5e92x4[_0xf956[14]]+_0xf956[16]:_0xf956[0])+(!_0x5e92x4[_0xf956[14]]&&_0x5e92x4[_0xf956[17]]?_0xf956[18]:_0xf956[0])+(_0x5e92x4[_0xf956[17]]?_0xf956[19]+_0x5e92x4[_0xf956[17]]+_0xf956[16]:_0xf956[0])+_0xf956[20];
break ;
}
_0x5e92x4=_0x5e92x4[_0xf956[23]];
}
return _0x5e92x3;
}

提前致谢。

1 个答案:

答案 0 :(得分:1)

那不是加密。它是单向散列。所以不,没有办法解密它们并获得原始名称。

相关问题
最新问题