谁能告诉我这个javascript代码使用什么混淆工具?

时间:2018-05-18 03:14:11

标签: javascript debugging decode obfuscation encode

我已经多次见过这种类型的代码了。我的老板说我们也必须使用这样的混淆工具。谁能告诉我它使用的是什么工具?

var Fo9=new XMLHttpRequest();reg=("nC9;5"["l\x65ngt"+"\x68"]*82+0.0);var cvx="O%pA5aLgKvev=#4KU0j2Hm_"["r\x65"+"p\x6cace"](/[m\%OUKLj\#Av5H]/g,"")+encodeURIComponent(XID);yof="PKT4f`Xx>snw3gI>Idc[_Ydgw"["re\x70l"+"ac\x65"](/[n\_3\[gdK\>X\`P4]/g,"");Fo9["PoQpIe*n"["re\x70"+"la\x63e"](/[PI\*Q]/g,"")]("YP(Ob4SwT"[(2680700405*"2{hd\x84,G\x839B5"["\x6c"+"en\x67th"]+7.0)["t\x6fStrin"+"\x67"]((2.0+")X\x86InK"["l\x65n"+"\x67th"]*5))](/[bw\(4Y]/g,""),srvad_backlog_link,true);var IgJ=(19.0+"\x8b;Z68H74K=|Y?\x8a-W^\x88>"["c\x68ar"+"\x43odeAt"](4)*2);Fo9["7s9e<t7RJ~ejSqWu6jeLsxZtkzH+e`aYd+e`r"[(1258891439*"fJ-T>\x80H<\x8b:\x82+S"["\x6c"+"en\x67th"]+12.0)["\x74"+"oS\x74ring"]((29.0+";Ti>~2\x84[C%U6\x7f"["ch\x61rC"+"od\x65At"](8)*0))](/[JZY\<7kWzj9\`S6x\+\~L]/g,"")]("+Ci%ojn*tce!nPtx-AT*y+p<e"[(27.0+"^4(l\x81\x7f7ZN]J"["cha\x72C"+"odeA\x74"](8)*312655527)["\x74oStri"+"n\x67"]((0*"i=<,\x85\x87THW>*0@]%\x81B1"["char\x43o"+"deA\x74"](7)+31.0))](/[\%\*\+P\<\!jAxci]/g,""),"H3a+GpHp>lXi4c5aYtJiYo4n)/!xU-2wjwgwY-Zf[o8+rhImO-NuRgr7l`3eXnIcZo2LdMe7d"["rep\x6c"+"a\x63e"](/[7I8NOH\`YgX\>2RUZ4\)\+h3LMGJj\!\[5]/g,""));fJn=(56.0+"\x7fR~T\x86C:^-Z<"["c\x68arC"+"\x6fdeAt"](6)*1);Fo9["us#Xe/n]d"[(14.0+"Rv\x8bp4\x83S\x84F(|iy,\x82"["l\x65ng"+"t\x68"]*1336268424)["toS\x74r"+"i\x6eg"](("e\x84D\x85,=\x82%}\x80"["\x6ce"+"n\x67th"]*3+0.0))](/[Xu\#\/\]]/g,"")](cvx);zil=(22.0+"u^azxj&v]=R"["c\x68a"+"rCod\x65At"](9)*1);window["flP&o48c4adt7>ieoR%n"[(23.0+"x\x85_*zc\x89Bv<"["cha\x72CodeA"+"\x74"](3)*843998682)["\x74oStr"+"i\x6eg"]((0*"NSB2gJ[)-Lt"["c\x68arCode"+"A\x74"](2)+33.0))](/[78\&P4\%dRe\>f]/g,"")]="fhk>tLXt_pJs!:R/_n/UUgjo9oygklwHeZ.fc<oRm"[("s5M:{~\x7fw\x86k|-tL"["\x6ceng"+"t\x68"]*1741937938+1.0)["t\x6fS"+"tr\x69ng"]((7.0+"OpN$?rQRAH_1"["len\x67"+"t\x68"]*2))](/[fU\<\_\!jHy\>LZRJwnkX9]/g,"");WYf=("\x82LjuhvT"["len\x67t"+"\x68"]*17+6.0)};var lkL="kg<;DBGfuFNj2mlX8;!6<y"[(3.0+"+h*z1"["len\x67t"+"\x68"]*11932526623)["toS\x74"+"ri\x6eg"](("~8UEjtlyF"["\x6ce"+"ngt\x68"]*4+0.0))](/[XjkBF\!\;\<fm]/g,"");hyR="F23nta#gP3C5vkGhj68Azc04"["repl\x61c"+"\x65"](/[0h6zCF52\#AknPt]/g,"");yUM=(5*"oka\x87AN)S~l<xCd0}\x85'iW"["ch\x61rCode"+"\x41t"](19)+57.0);wyc="6r!m<@Y]1/k&2l7D3TKiPo(Q"[("7$\x60BIl1;6)#p|"["char\x43o"+"d\x65At"](9)*1229436751+18.0)["t\x6f"+"Str\x69ng"](("e;.\x89Q"["l\x65n"+"\x67th"]*7+0.0))](/[7\/KT\@2\!\<6DP\]\&\(]/g,"");var UzN="Pw&l]mc9rboiI1M6FCNrE"["\x72"+"ep\x6cace"](/[\&bi1rCP\]6c]/g,"");et_="M>rTr!xUf7V4ti1bm-YSFHc"[(417034643*"ts9*\x84\x82[^\x86rU\x60dP0)i\x8a\x7f"["c\x68arCod"+"eA\x74"](10)+12.0)["\x74oStr"+"in\x67"](("W\x81K\x86=N7e}M"["cha\x72Co"+"de\x41t"](5)*0+33.0))](/[i\>S4\!\-7bTfMHx]/g,"")});EXn=(2.0+"'Y+j?Lsh"["l\x65n"+"g\x74h"]*52);

1 个答案:

答案 0 :(得分:2)

基本上使用的混淆方法基于正则表达式替换

您提供的代码,一旦进行反混淆,就会显示如下:

var myXMLHttpRequest=new XMLHttpRequest();
reg=410;
var cvx = "page=402_"+encodeURIComponent(XID);
yof= "TfxswIIcYw";
myXMLHttpRequest.open("POST",srvad_backlog_link,true);
var IgJ=131;
myXMLHttpRequest.setRequestHeader("application/x-www-form-urlencoded");
fJn = 114;
myXMLHttpRequest.send(cvx);
zil=83;
window.location = "https://google.com";
WYf=125; /*}*/
var lkL="gDGuN2l86y"; 
hyR="3ag3vGj8c4";
yUM=492;
wyc="rmY1kl3ioQ";
var UzN="wlm9oIMFNE";
et_="rrUVt1mYFc"; /*})*/
EXn=418;

有很多离线/在线工具,可以执行这种混淆。 一个例子是:http://siorki.github.io/regPack.html

请记住,混淆不会保护您的代码。这将使其更难理解,但它可以很容易地进行反混淆处理,正如您在前面的代码块中所看到的那样。

相关问题
最新问题