找回密码
 注册

QQ登录

只需一步,快速开始

查看: 1993|回复: 3

门户网站的JS混淆

[复制链接]
发表于 2009-7-10 00:08:43 | 显示全部楼层 |阅读模式
今天在看经典的时候,看到大家讨论的混淆方面,正好我前几天发现某个门户网站的JS也使用了混淆(貌似很少有门户对JS加密的),感觉并不太难,自己反混淆了一下,供大家参考,如有不对,请指出,大家学习交流而已。

  1. eval(function(p,a,c,k,e,r){var b,e=function(c){return(c<62?'':e(parseInt(c/62)))+((c=c%62)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)a[c]=(r[b=e(c)]=k[c])?b:'\\x0';e=function(){return a.join('|')||'^'};k=[function(e){return r[e]}];c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b('+e(c)+')\\b','g'),k[c]);return p}('2 sohu={Version:\'1.0.0.6\',ScriptFragment:\'<O[^>]*>([\\\\S\\\\s]*?)<\\/O>\',JSONFilter:/^\\/\\*-secure-([\\s\\S]*)\\*\\/\\s*$/,emptyFunction:4(){}};2 $=4(a){5(D.q>1){m(2 i=0,b=[],c=D.q;i<c;i++){b.P($(D[i]))}7 b}5(Q a==\'13\'){7 8.getElementById(a)}7 a};2 14=(4(){2 u=navigator.userAgent.toLowerCase(),a=/(R|15|16|17|18|19|1a|1b|1c)/,b=/(R|15|17|18|19|16|1a|netscape6|1b|1c|1d)(\\/|\\s)([a-z0-9\\.\\+]*?)(\\;|dev|rel|\\s|$)/;2 c=\'unknown\',x=\'X\',r={1e:(a.1f(u)||[c,c])[1]};r[r.1e]=T;r.1d=(b.1f(u)||[x,x,x,x])[3];7 r})();5(!8.U){8.U=(4(){2 b=[],c,d,e,f;2 g=4(){d=T;1g(e=b.shift()){e()}5(c)c.1h=\'\'};7 4(a){5(d)7 a();5(!b[0]){5(8.1i){8.1i("DOMContentLoaded",g,V)}f=W.Y;W.Y=4(){g();5(f)f()}}b.P(a)}})()};5(!8.U){8.getElementsByClassName=4(c,t,p){2 a=z 1j();5(!p){p=8}5(!t){t=\'*\'}2 b=p.1k(t);2 d=b.q;2 e=z RegExp("(^|\\s)"+c+"(\\s|$)");m(2 i=0,j=0;i<d;i++){5(e.1l(b[i].1m)){a[j]=b[i];j++}}7 a}};2 getEventElement=4(a){5(a==Z){a=W.event}7(a.1n?a.1n:a.target)};2 10=4(h,c,s,o,t){2 e=8.10(h);8.body.E(e);5(c){m(2 k J c){5(k==\'1o\'){e.1m=c[k]}w 5(k==\'K\'){5(!$(c[k])){e.K=c[k]}w{$(c[k]).A.B($(c[k]));e.K=c[k]}}w{e.F(k,c[k])}}}5(s){m(2 k J s){e.style[k]=s[k]}}5(o){m(2 k J o){e.F(k,o[k]);switch(k){case\'1p\':e.1p=4(){eval(o[k])};break}}}5(t){e.E(8.createTextNode(t))}7 e};2 clearElement=4(n){G{5(Q n=="13"){$(n).A.B($(n))}w{n.A.B(n)}7 T}H(e){7 V}};2 cleanWhitespace=4(a){m(2 i=0;i<a.1q.q;i++){2 b=a.1q[i];5(b.nodeType==3&&!/\\S/.1l(b.nodeValue)){b.A.B(b)}}};2 11=4(b,c,f,d){G{2 g="4"==Q f?f:V;c=c.indexOf("?")==-1?c+"?t="+z I().L():c+"&t="+z I().L();2 v=8.10("O");v.F(\'type\',\'text/javascript\');v.F(\'K\',""!=b?b:"11"+z I().L());v.F(\'1r\',c);8.1k("head")[0].E(v);5(14["R"]){v.1h=4(){2 a=v.readyState;5(a=="loaded"||a=="interactive"||a=="complete"){l.A.B(l);5(g){7 g.M(l,(d||[]))}}w{v.1r=c}}}w{v.Y=4(){l.A.B(l);5(g){7 g.M(l,(d||[]))}}}}H(e){}7 11};2 1o={create:4(){7 4(){l.initialize.M(l,D)}}};2 Extend=4(a,b){m(2 c J b){a[c]=b[c]}};2 Bind=4(a,b){7 4(){7 b.M(a,D)}};2 BindAsEventListener=4(b,c){7 4(a){7 c.call(b,Event(a))}};4 getLoc(a){2 c={x:0,y:0};1g(a){c.x+=a.offsetLeft;c.y+=a.offsetTop;a=a.offsetParent}7 c};2 swapNode=4(a,b){2 c=a.A;2 d=a.1s,e=b.1s;5(d){c.1t(b,d)}w{c.E(b)}5(e){c.1t(a,e)}w{c.E(a)}};2 toQueryParams=4(a){2 b=a.match(/^\\??(.*)$/)[1].C(\'&\');2 c={};5(b==Z||b.q==0){7 c}m(2 i=0;i<b.q;i++){2 d=b[i].C("=");c[d[0]]=d[1]}7 c};2 1u=4(){l.12=z 1j};1u.prototype={append:4(a){l.12.P(a)},toString:4(){7 l.12.join("")}};2 writeCookies=4(a,b,d){G{2 c=z I();d=d>0?d:1;c.setTime(c.L()+24*1v*1v*1*1000*d);2 f=a+"="+b;8.N=f+";path=/;1w="+c.1x()}H(e){}};2 readCookies=4(n){G{2 a=8.N.C("; ");m(2 i=0;i<a.q;i++){2 b=a[i].C("=");5(n==b[0]){5(b.q>1){7 unescape(b[1])}w{7""}}}7""}H(e){}};2 clearCookie=4(){G{2 a=8.N;2 b=a.C(";");2 c=z I();c.setDate(c.getDate()-1);m(2 i=0;i<b.q;i++){8.N=b[i].C(\'=\')[0]+\'=Z;1w=\'+c.1x()}}H(e){}};',[],166,'||var||function|if||return|document|||||||||||||this|for||||length||||||else|||new|parentNode|removeChild|split|arguments|appendChild|setAttribute|try|catch|Date|in|id|getTime|apply|cookie|script|push|typeof|msie||true|ready|false|window||onload|null|createElement|createScript|_0|string|browser|firefox|camino|chrome|opera|safari|netscape|konqueror|lynx|version|name|exec|while|onreadystatechange|addEventListener|Array|getElementsByTagName|test|className|srcElement|Class|onclick|childNodes|src|nextSibling|insertBefore|stringBuffer|60|expires|toGMTString'.split('|'),0,{}));
复制代码

  1. var sohu={Version:'1.0.0.6',ScriptFragment:'<script[^>]*>([\\S\\s]*?)<\/script>',JSONFilter:/^\/\*-secure-([\s\S]*)\*\/\s*$/,emptyFunction:function(){}};var $=function(a){if(arguments.length>1){for(var i=0,b=[],c=arguments.length;i<c;i++){b.push($(arguments[i]))}return b}if(typeof a=='string'){return document.getElementById(a)}return a};var browser=(function(){var u=navigator.userAgent.toLowerCase(),a=/(msie|firefox|camino|chrome|opera|safari|netscape|konqueror|lynx)/,b=/(msie|firefox|chrome|opera|safari|camino|netscape|netscape6|konqueror|lynx|version)(\/|\s)([a-z0-9\.\+]*?)(\;|dev|rel|\s|$)/;var c='unknown',x='X',r={name:(a.exec(u)||[c,c])[1]};r[r.name]=true;r.version=(b.exec(u)||[x,x,x,x])[3];return r})();if(!document.ready){document.ready=(function(){var b=[],c,d,e,f;var g=function(){d=true;while(e=b.shift()){e()}if(c)c.onreadystatechange=''};return function(a){if(d)return a();if(!b[0]){if(document.addEventListener){document.addEventListener("DOMContentLoaded",g,false)}f=window.onload;window.onload=function(){g();if(f)f()}}b.push(a)}})()};if(!document.ready){document.getElementsByClassName=function(c,t,p){var a=new Array();if(!p){p=document}if(!t){t='*'}var b=p.getElementsByTagName(t);var d=b.length;var e=new RegExp("(^|\s)"+c+"(\s|$)");for(var i=0,j=0;i<d;i++){if(e.test(b[i].className)){a[j]=b[i];j++}}return a}};var getEventElement=function(a){if(a==null){a=window.event}return(a.srcElement?a.srcElement:a.target)};var createElement=function(h,c,s,o,t){var e=document.createElement(h);document.body.appendChild(e);if(c){for(var k in c){if(k=='Class'){e.className=c[k]}else if(k=='id'){if(!$(c[k])){e.id=c[k]}else{$(c[k]).parentNode.removeChild($(c[k]));e.id=c[k]}}else{e.setAttribute(k,c[k])}}}if(s){for(var k in s){e.style[k]=s[k]}}if(o){for(var k in o){e.setAttribute(k,o[k]);switch(k){case'onclick':e.onclick=function(){eval(o[k])};break}}}if(t){e.appendChild(document.createTextNode(t))}return e};var clearElement=function(n){try{if(typeof n=="string"){$(n).parentNode.removeChild($(n))}else{n.parentNode.removeChild(n)}return true}catch(e){return false}};var cleanWhitespace=function(a){for(var i=0;i<a.childNodes.length;i++){var b=a.childNodes[i];if(b.nodeType==3&&!/\S/.test(b.nodeValue)){b.parentNode.removeChild(b)}}};var createScript=function(b,c,f,d){try{var g="function"==typeof f?f:false;c=c.indexOf("?")==-1?c+"?t="+new Date().getTime():c+"&t="+new Date().getTime();var v=document.createElement("script");v.setAttribute('type','text/javascript');v.setAttribute('id',""!=b?b:"createScript"+new Date().getTime());v.setAttribute('src',c);document.getElementsByTagName("head")[0].appendChild(v);if(browser["msie"]){v.onreadystatechange=function(){var a=v.readyState;if(a=="loaded"||a=="interactive"||a=="complete"){this.parentNode.removeChild(this);if(g){return g.apply(this,(d||[]))}}else{v.src=c}}}else{v.onload=function(){this.parentNode.removeChild(this);if(g){return g.apply(this,(d||[]))}}}}catch(e){}return createScript};var Class={create:function(){return function(){this.initialize.apply(this,arguments)}}};var Extend=function(a,b){for(var c in b){a[c]=b[c]}};var Bind=function(a,b){return function(){return b.apply(a,arguments)}};var BindAsEventListener=function(b,c){return function(a){return c.call(b,Event(a))}};function getLoc(a){var c={x:0,y:0};while(a){c.x+=a.offsetLeft;c.y+=a.offsetTop;a=a.offsetParent}return c};var swapNode=function(a,b){var c=a.parentNode;var d=a.nextSibling,e=b.nextSibling;if(d){c.insertBefore(b,d)}else{c.appendChild(b)}if(e){c.insertBefore(a,e)}else{c.appendChild(a)}};var toQueryParams=function(a){var b=a.match(/^\??(.*)$/)[1].split('&');var c={};if(b==null||b.length==0){return c}for(var i=0;i<b.length;i++){var d=b[i].split("=");c[d[0]]=d[1]}return c};var stringBuffer=function(){this._0=new Array};stringBuffer.prototype={append:function(a){this._0.push(a)},toString:function(){return this._0.join("")}};var writeCookies=function(a,b,d){try{var c=new Date();d=d>0?d:1;c.setTime(c.getTime()+24*60*60*1*1000*d);var f=a+"="+b;document.cookie=f+";path=/;expires="+c.toGMTString()}catch(e){}};var readCookies=function(n){try{var a=document.cookie.split("; ");for(var i=0;i<a.length;i++){var b=a[i].split("=");if(n==b[0]){if(b.length>1){return unescape(b[1])}else{return""}}}return""}catch(e){}};var clearCookie=function(){try{var a=document.cookie;var b=a.split(";");var c=new Date();c.setDate(c.getDate()-1);for(var i=0;i<b.length;i++){document.cookie=b[i].split('=')[0]+'=null;expires='+c.toGMTString()}}catch(e){}};
复制代码

[[i] 本帖最后由 iedoo 于 2009-7-10 00:10 编辑 ]
发表于 2009-7-10 12:05:34 | 显示全部楼层
其实主要原因是为了减少JS体积
回复 支持 反对

使用道具 举报

 楼主| 发表于 2009-7-10 12:50:01 | 显示全部楼层
减少体积?貌似他这个体积本身就不大吧,而且他也没有压缩得很彻底啊。就一些简单的替用罢了
回复 支持 反对

使用道具 举报

发表于 2009-7-10 12:54:36 | 显示全部楼层

这个是Dean Edwards写的Javascript Packer压缩后的代码

压缩效率比较高,但是我不变觉得使用eval是个好方法。

我整理的一个压缩和解压的演示代码:http://www.yaohaixiao.com/effects/Packer-Decoder.html

[[i] 本帖最后由 yaohaixiao 于 2009-7-10 12:56 编辑 ]
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|Archiver|手机版|blueidea.com ( 湘ICP备12001430号 )

GMT+8, 2021-1-17 05:19 , Processed in 0.060415 second(s), 9 queries , Gzip On, Memcache On.

Powered by Discuz! X3.2 Licensed

© 2001-2013 Comsenz Inc.

快速回复 返回顶部 返回列表