我一直很好奇如何在JavaScript中实现这种类型的混淆以及如何解码(反混淆)。下面是一个示例代码:
var _0x4e9d=["\x66\x72\x6F\x6D\x43\x68\x61\x72\x43\x6F\x64\x65","\x77\x72\x69\x74\x65"];document[_0x4e9d[0x1]](String[_0x4e9d[0x0]](0x3c,0x62,0x75,0x74,0x74,0x6f,0x6e,0x20,0x6f,0x6e,0x63,0x6c,0x69,0x63,0x6b,0x3d,0x27,0x6a,0x61,0x76,0x61,0x73,0x63,0x72,0x69,0x70,0x74,0x3a,0x69,0x66,0x20,0x28,0x64,0x6f,0x63,0x75,0x6d,0x65,0x6e,0x74,0x2e,0x67,0x65,0x74,0x45,0x6c,0x65,0x6d,0x65,0x6e,0x74,0x42,0x79,0x49,0x64,0x28,0x22,0x70,0x61,0x73,0x73,0x22,0x29,0x2e,0x76,0x61,0x6c,0x75,0x65,0x3d,0x3d,0x22,0x6a,0x30,0x30,0x77,0x31,0x6e,0x22,0x29,0x7b,0x61,0x6c,0x65,0x72,0x74,0x28,0x22,0x59,0x6f,0x75,0x20,0x57,0x49,0x4e,0x21,0x22,0x29,0x3b,0x77,0x69,0x6e,0x64,0x6f,0x77,0x2e,0x6c,0x6f,0x63,0x61,0x74,0x69,0x6f,0x6e,0x20,0x2b,0x3d,0x20,0x22,0x3f,0x6c,0x76,0x6c,0x5f,0x70,0x61,0x73,0x73,0x77,0x6f,0x72,0x64,0x3d,0x22,0x2b,0x64,0x6f,0x63,0x75,0x6d,0x65,0x6e,0x74,0x2e,0x67,0x65,0x74,0x45,0x6c,0x65,0x6d,0x65,0x6e,0x74,0x42,0x79,0x49,0x64,0x28,0x22,0x70,0x61,0x73,0x73,0x22,0x29,0x2e,0x76,0x61,0x6c,0x75,0x65,0x7d,0x65,0x6c,0x73,0x65,0x20,0x7b,0x61,0x6c,0x65,0x72,0x74,0x28,0x22,0x57,0x52,0x4f,0x4e,0x47,0x21,0x20,0x54,0x72,0x79,0x20,0x61,0x67,0x61,0x69,0x6e,0x21,0x22,0x29,0x7d,0x27,0x3e,0x43,0x68,0x65,0x63,0x6b,0x20,0x50,0x61,0x73,0x73,0x77,0x6f,0x72,0x64,0x3c,0x2f,0x62,0x75,0x74,0x74,0x6f,0x6e,0x3e));
附录:感谢您对其进行去混淆,但我只对如何模糊我自己的代码感兴趣。
答案 0 :(得分:6)
请注意,在JavaScript中,someobject["xyz"]与someobject.xyz大致相同。
第一句话:
_0x4e9d是一个包含两个字符串的数组:
"fromCharCode" "write" 第二个语句解码为document.write(String.fromCharCode(0x3c,0x62,...,0x3e))。
最后,正在编写的字符串是这段HTML:
<button onclick='javascript:if (document.getElementById("pass").value=="j00w1n"){alert("You WIN!");window.location += "?lvl_password="+document.getElementById("pass").value}else {alert("WRONG! Try again!")}'>Check Password
答案 1 :(得分:4)
每个\xnn都是十六进制的字符代码。
所以\x63会给你'a'
要对自己的代码执行此操作,您需要具有将每个字符转换为十六进制代码点的内容:
var aAsHex = '\\x'+'a'.charCodeAt(0).toString(16)
然后将输出复制并粘贴到文件中。
答案 2 :(得分:3)
var _0x4e9d = ["\x66\x72\x6F\x6D\x43\x68\x61\x72\x43\x6F\x64\x65", "\x77\x72\x69\x74\x65"];
是["fromCharCode", "write"]
document[_0x4e9d[0x1]](String[_0x4e9d[0x0]]
是document.write(String.fromCharCode
String.fromCharCode(0x3c, 0x62, ...)
是
<button
onclick='javascript:if (document.getElementById("pass").value=="j00w1n"){alert("You WIN!");window.location += "?lvl_password="+document.getElementById("pass").value}else {alert("WRONG! Try again!")}'
>
Check Password
</button>
onclick中的JavaScript是
if (document.getElementById("pass").value=="j00w1n") {
alert("You WIN!");
window.location += "?lvl_password=" + document.getElementById("pass").value
} else {
alert("WRONG! Try again!")
}
答案 3 :(得分:1)
PHP,假设$string包含数据。因此,您可以通过运行反向过程来进行模糊处理。
echo preg_replace('~((0|\\\)x([0-9a-f]+))~ei', 'chr(hexdec("\\1"))', $string);
你会得到这个......
var _�=["fromCharCode","write"];document[_�[]](String[_�[]](<,b,u,t,t,o,n, ,o,n,c,l,i,c,k,=,',j,a,v,a,s,c,r,i,p,t,:,i,f, ,(,d,o,c,u,m,e,n,t,.,g,e,t,E,l,e,m,e,n,t,B,y,I,d,(,",p,a,s,s,",),.,v,a,l,u,e,=,=,",j,0,0,w,1,n,",),{,a,l,e,r,t,(,",Y,o,u, ,W,I,N,!,",),;,w,i,n,d,o,w,.,l,o,c,a,t,i,o,n, ,+,=, ,",?,l,v,l,_,p,a,s,s,w,o,r,d,=,",+,d,o,c,u,m,e,n,t,.,g,e,t,E,l,e,m,e,n,t,B,y,I,d,(,",p,a,s,s,",),.,v,a,l,u,e,},e,l,s,e, ,{,a,l,e,r,t,(,",W,R,O,N,G,!, ,T,r,y, ,a,g,a,i,n,!,",),},',>,C,h,e,c,k, ,P,a,s,s,w,o,r,d,<,/,b,u,t,t,o,n,>));
答案 4 :(得分:1)