个人中心
gpt4 book ai didi

javascript - 如何使用 "[][filter][constructor]..."反混淆 javascript 代码?

转载 作者:塔克拉玛干 更新时间:2023-11-02 23:04:51 25 4
gpt4 key购买 nike

众所周知,用“packer”和“eval”之类的东西混淆的javascript代码可以很容易地通过互联网上提供的各种工具进行解码,但是最近我遇到了一段混淆了类似东西的javascript代码[]['filter']['constructor'].....,貌似没有解码解。示例如下:

[]["filter"]["constructor"]("r" + "e" + "t" + "u" + "r" + "n" + " " + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()("" ["italics"]()[0])[true + true] + "N" + "S" + "S" + "{" + "I" + []["filter"]["constructor"]("r" + "e" + "t" + "u" + "r" + "n" + " " + "u" + "n" + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()([]["filter"]["constructor"]("r" + "e" + "t" + "u" + "r" + "n" + " " + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()("" ["italics"]()[0])[0] +
    "5" + "f") + 101["toString"]("!0!01")[+true] + "a" + (+"false" + []["filter"]["constructor"]("r" + "e" + "t" + "u" + "r" + "n" + " " + []["filter"]["constructor"]("r" + "e" + "t" + "u" + "r" + "n" + " " + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()("" ["fontcolor"]()["!01"])[true + true] + "a" + "t" + "e")()())["!0!0!00"] + "e" + []["filter"]["constructor"]("r" + "e" + "t" + "u" + "r" + "n" + " " + "u" + "n" + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()([]["filter"]["constructor"]("r" +
    "e" + "t" + "u" + "r" + "n" + " " + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()("" ["italics"]()[0])[0] + "5" + "f") + []["filter"]["constructor"]("r" + "e" + "t" + "u" + "r" + "n" + " " + "u" + "n" + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()([]["filter"]["constructor"]("r" + "e" + "t" + "u" + "r" + "n" + " " + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()("" ["italics"]()[0])[0] + "59" + "") + "o" + "u" + []["filter"]["constructor"]("r" +
    "e" + "t" + "u" + "r" + "n" + " " + "u" + "n" + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()([]["filter"]["constructor"]("r" + "e" + "t" + "u" + "r" + "n" + " " + "e" + "s" + "c" + "a" + 211["toString"]("!0!0!01")[+true] + "e")()("" ["italics"]()[0])[0] + "7" + "d");

如何像这样解码javascript?

最佳答案

这看起来很像非字母数字混淆,但是是一种中间形式。看here举个例子。

原理是一样的:1.它依赖于评估代码的另一种形式,在您的情况下是数组过滤器构造函数2. 使用下标符号(将对象名称转换为字符串)3. 将字符串分解为单字符字符串,然后使用类型转换将每个字符转换为非字母数字符号序列。

解码这个很容易,但是如果你手动完成它就需要很辛苦的工作。我认为编写一个工具来自动恢复它需要不到一个小时的时间。乍一看,这似乎是一个很好的混淆,但它没有弹性,很容易被打败。

没有混淆是 100% 防弹的,但现代 JS 混淆器(例如 JScrambler)比基本编码技术(无论是 eval 还是 eval-less)要深入得多。

参见 this presentation有关非字母数字混淆的更多详细信息(幻灯片 33-38)。如果您对 JavaScript 混淆感兴趣,请参阅其余部分。

关于javascript - 如何使用 "[][filter][constructor]..."反混淆 javascript 代码?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26191263/

25 4 0
文章推荐: javascript - jsPDF输出PDF下载
文章推荐: c++ - 为什么我必须调用 operator<< 作为 SFINAE 使用 void_t 的方法?
文章推荐: android - 如何在 map v2 中滚动信息窗口?
文章推荐: c++ - 如何仅使用 OpenCV HighGui 制作一个简单的一键式窗口?
塔克拉玛干
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com