Decrypting it manually was much simpler than expected, and it took less than half an hour to do it.
The most critical part of JS deobfuscation:
l eval or document.write, VBS's EXECUTE, execScript and other functions that can run js
l unescape
There are generally several ways to obfuscate js :
1. Convert the code into hex form code through escape, which is incomprehensible
2. Perform simple reversible encryption on the code, and then provide a decryption function to decrypt the code and use Calls such as eval hand the code string to the js engine for execution.
3. Filter out comments and spaces in the code, modify the names of internal functions/internal variables in the js code, and change them to very difficult to understand numbers or easily confused strings, such as a string of mixed numbers 0 and letters O. Makes it difficult to identify.
A more advanced method is to combine the above methods.
Therefore, the way to restore it is
1. Use unescape to decode the visible %XX string
2. Find eval or similar interpretation function entry
3. Put the parameters passed into eval Find the strings
4. If these strings are also in hex form, use unescape to solve them
5. Loop through the process of 2-4 until all the codes are found
6. At this time it is very likely that It was found that there are still some variables used in the solved function, and these variables are some large strings. In this case, these strings should be the encrypted source code. Insert the code into the appropriate position at the end of the function that uses them, and display their decrypted string to get the source code.
The most important thing to note here is to clearly see the variable names. Many of the codes in the decryption part are formed by adding names such as 000O and 0O00. See clearly the real names of these variables.
Be careful to preserve the order of declaration and definition of functions and variables to avoid not being able to find functions or variables due to moving locations.
In addition, obfuscation tools will also add a lot of junk code to the code, which can be deleted.
If you have a stronger obfuscation tool, you can also insert some useful code into the generated garbage-like code to provide some variables for the garbled function that follows, such as the decrypted key, so you need to Be careful not to disrupt the order of the code. If you are not sure whether it is junk code, leave it first.
It seems that method 3 is the simplest and the most retarded, but in fact this method has the greatest impact on us. Trying to read code without comments, in a confusing format and with a bunch of identifiers with messy names is very difficult for any normal person. It's all a nightmare. However, it is probably because the "internal" standard is not easy to judge, and some obfuscation tools do not provide such a function.
Another: Decrypt the webpage
In the address bar or press Ctrl O, enter:
javascript:s=document.documentElement.outerHTML;document.write('');document.body.innerText=s;
The source code is out. No matter how complicated the encryption is, it must eventually be restored to HTML code that the browser can parse, and documentElement.outerHTML is the final result.
es6数组怎么去掉重复并且重新排序May 05, 2022 pm 07:08 PM去掉重复并排序的方法:1、使用“Array.from(new Set(arr))”或者“[…new Set(arr)]”语句,去掉数组中的重复元素,返回去重后的新数组;2、利用sort()对去重数组进行排序,语法“去重数组.sort()”。
JavaScript的Symbol类型、隐藏属性及全局注册表详解Jun 02, 2022 am 11:50 AM本篇文章给大家带来了关于JavaScript的相关知识,其中主要介绍了关于Symbol类型、隐藏属性及全局注册表的相关问题,包括了Symbol类型的描述、Symbol不会隐式转字符串等问题,下面一起来看一下,希望对大家有帮助。
原来利用纯CSS也能实现文字轮播与图片轮播!Jun 10, 2022 pm 01:00 PM怎么制作文字轮播与图片轮播?大家第一想到的是不是利用js,其实利用纯CSS也能实现文字轮播与图片轮播,下面来看看实现方法,希望对大家有所帮助!
JavaScript对象的构造函数和new操作符(实例详解)May 10, 2022 pm 06:16 PM本篇文章给大家带来了关于JavaScript的相关知识,其中主要介绍了关于对象的构造函数和new操作符,构造函数是所有对象的成员方法中,最早被调用的那个,下面一起来看一下吧,希望对大家有帮助。
JavaScript面向对象详细解析之属性描述符May 27, 2022 pm 05:29 PM本篇文章给大家带来了关于JavaScript的相关知识,其中主要介绍了关于面向对象的相关问题,包括了属性描述符、数据描述符、存取描述符等等内容,下面一起来看一下,希望对大家有帮助。
javascript怎么移除元素点击事件Apr 11, 2022 pm 04:51 PM方法:1、利用“点击元素对象.unbind("click");”方法,该方法可以移除被选元素的事件处理程序;2、利用“点击元素对象.off("click");”方法,该方法可以移除通过on()方法添加的事件处理程序。
整理总结JavaScript常见的BOM操作Jun 01, 2022 am 11:43 AM本篇文章给大家带来了关于JavaScript的相关知识,其中主要介绍了关于BOM操作的相关问题,包括了window对象的常见事件、JavaScript执行机制等等相关内容,下面一起来看一下,希望对大家有帮助。
foreach是es6里的吗May 05, 2022 pm 05:59 PMforeach不是es6的方法。foreach是es3中一个遍历数组的方法,可以调用数组的每个元素,并将元素传给回调函数进行处理,语法“array.forEach(function(当前元素,索引,数组){...})”;该方法不处理空数组。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
