JavaScript obfuscation code restoration-JavaScript obfuscation: Using js to assign values

Source: Internet
Author: User

 

In the morning, you need to modify a js file and find that it has been obfuscated. If there is any "source code", and no suitable tool has been found on the internet for anti-obfuscation, you have studied and sorted out the following two methods:

[Method 2 without using tools]

 

Method 1: Use the IE Developer tool (IE 8 has already come with it, and IE Developer Toolbar needs to be downloaded and installed before IE7) for anti-obfuscation. I often use Chrome, but there is no way to use Chrome's built-in developer tools to implement anti-obfuscation... I hope you will be informed of this...

Don't worry, directly

 

 

 

 

Method 2: code implementation (ps. well, as a common resentment among some developers, many developers want to use their own developed things most often, so they can't wait for the OS to go on their own, when I implemented it myself, I implemented method 2 first, and then I used IE again... -_-|)

 

First paste a obfuscated test code

Eval (function (p, a, c, k, e, d) {e = function (c) {return (c <? "": E (parseInt (c/a) + (c = c % a)> 35? String. fromCharCode (c + 29): c. toString (36)}; if (! ''. Replace (/^/, String) {while (c --) d [e (c)] = k [c] | e (c ); k = [function (e) {return d [e]}]; e = function () {return '\ w +'}; c = 1 ;}; while (c --) if (k [c]) p = p. replace (new RegExp ('\ B' + e (c) + '\ B', 'G'), k [c]); return p ;} ('1 ("0-6"); 2 4 () {1 ("0-5")} 8 3 = 2 () {1 ("0-7")}; 4 (); 3 () ', 9, 'Gloomy fit | alert | function | B | a | anti-obfuscation Test 2 | anti-obfuscation Test 1 | anti-obfuscation Test 3 | var '. split ('|'), 0 ,{}))

 

 

Implementation: www.2cto.com

1.create a new webpage xxx.html

2. Add a div container id = "divTest"

3. the most critical step is to execute the Value assignment: (in the obfuscated code above, extract the content in eval () and assign a value (or print it directly) to the document. getElementById ('divtest '). innerText)

Document. getElementById ('divtest'). innerText = function (p, a, c, k, e, d) {e = function (c) {return (c <? "": E (parseInt (c/a) + (c = c % a)> 35? String. fromCharCode (c + 29): c. toString (36)}; if (! ''. Replace (/^/, String) {while (c --) d [e (c)] = k [c] | e (c ); k = [function (e) {return d [e]}]; e = function () {return '\ w +'}; c = 1 ;}; while (c --) if (k [c]) p = p. replace (new RegExp ('\ B' + e (c) + '\ B', 'G'), k [c]); return p ;} ('1 ("0-6"); 2 4 () {1 ("0-5")} 8 3 = 2 () {1 ("0-7")}; 4 (); 3 () ', 9, 'Gloomy fit | alert | function | B | a | anti-obfuscation Test 2 | anti-obfuscation Test 1 | anti-obfuscation Test 3 | var '. split ('|'), 0 ,{})

 

 

Open xxx.html to display the result: (The unobfuscated code has been compressed, and other characters such as line breaks are removed)

Alert ("Gloomy reverse obfuscation Test 1"); function a () {alert ("Gloomy reverse obfuscation Test 2")} var B = function () {alert ("Gloomy reverse obfuscation Test 3")}; a (); B ()

 

After my test, I found that all js obfuscated with packed can be restored using this method. After finding several projects, Obfuscated javascript can be restored, but the line break is removed, I don't know if other methods can be used to confuse Javascript. In theory, it should be okay. I haven't tested it. If you are interested, you can try it.

From melancholy

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.