eval(function(p,a,c,k,e,d)系列js解密、js格式化排列

2009.01.09 作者: 小V - 1 评论
文章分类: JavaScript

«
»

一个经常见到的东西.  今天再次遇上.. 决定在这存一下.呵

eval(function(p,a,c,k,e,d) 一种压缩混淆js用的.

后面还有一个js代码排列的格式化工具..

在线演示地址:

eval(function(p,a,c,k,e,d)系列js解密:http://vl99.com/webtest/Jstools/jsevalcrack.htm

js格式化:   http://vl99.com/webtest/Jstools/jsformat.html

下面是一个解码的代码

<script>
a=62;
function encode() {
var code = document.getElementById('code').value;
code = code.replace(/[rn]+/g, '');
code = code.replace(/'/g, "'");
var tmp = code.match(/b(w+)b/g);
tmp.sort();
var dict = [];
var i, t = '';
for(var i=0; i<tmp.length; i++) {
if(tmp[i] != t) dict.push(t = tmp[i]);
}
var len = dict.length;
var ch;
for(i=0; i<len; i++) {
ch = num(i);
code = code.replace(new RegExp('b'+dict[i]+'b','g'), ch);
if(ch == dict[i]) dict[i] = '';
}
document.getElementById('code').value = "eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return'\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\b'+e(c)+'\b','g'),k[c]);return p}("
+ "'"+code+"',"+a+","+len+",'"+ dict.join('|')+"'.split('|'),0,{}))";
}

function num(c) {
return(c<a?'':num(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36));
}

function run() {
eval(document.getElementById('code').value);
}

function decode() {
var code = document.getElementById('code').value;
code = code.replace(/^eval/, '');
document.getElementById('code').value = eval(code);
}
</script>
<textarea id=code cols=80 rows=20>

</textarea>

<input type=button onclick=encode() value=编码>
<input type=button onclick=run() value=执行>
<input type=button onclick=decode() value=解码>

通常用上面那东西或一些解码出来的东西都是混在一起的.根本没有可读性..

试了几个js格式化的工具都不灵,不是代码不对就是死机.后来终于找到个成功的.这页面还挺有意思呵呵..

js格式化的代码

<html>
<head>
<title>JSer </title>
<meta http-equiv="content-type" content="text/html; charset=gb2312" />
<style>
/* Global CSS */

* { padding:0px; margin:0px; font-size:13px; font-family: arial 宋体; }

body { overflow:auto; border:0px none black; background-color:buttonface; }

li { margin:0px 0px 0px 40px; padding:2px 4px; }

/* Class CSS */

.quote { color:#999; }
.comments { color: #009090; }
.indent { margin-left:25px; }
.regexp { color:#F000F0; }

/* Identified CSS */

#divTools { height:20px; border-bottom:1px solid #555; padding-left:15px; }

#divTools a { color:navy; text-decoration:none; height:20px; line-height:20px; padding:0px 25px; }

#divTools a:hover { color:white; background-color:navy; text-decoration:none; height:20px; line-height:20px; }

#divJSInput { display:none; width:600px; height:450px; border:2px outset buttonface; position:absolute; background-color:buttonface; z-Index:2; }

#divJSInputTitle { color:white; background-color:navy; height:20px; line-height:20px; padding:0px 10px; cursor:default; }

#txtJSInput { width:598px; height:406px; overflow:auto; padding:4px 8px; background-color:white;}

#divJSInputBar { height:24px; padding:0px 4px; }

#divJSInputBar input { width:110px; height:22px; border:1px solid #555; line-height:20px; }

#divJSOutput { background-color:white; border:1px inset buttonface; width:100%; height:500px; overflow:auto; }

#divWaiting { display:none; width:400px; height:60px; border:1px solid buttonface; position:absolute; background-color:#E0F0F0; z-Index:3; text-align:center; padding-top:10px; }

#divWaiting input { width:140px; height:22px; border:1px solid #555; line-height:20px; cursor:default; margin-top:4px; }

</style>
<script type="text/javascript">

window.onload=init;

var OPS="! $ % & * + - // / : < = > ? [ ] ^ | ~ is  new sizeof  typeof unchecked";

var regKW=new RegExp("(W"+KEYWORDS.replace(/ /g,"$)|(W")+"$)","g");
var regObj=new RegExp("(W"+OBJECTS.replace(/ /g,"$)|(W")+"$)","g");
var regMP=new RegExp("(W"+METHODS_PROPERTIES.replace(/ /g,"$)|(W")+"$)","g");
//var regOP=new RegExp("(W"+OPS.replace(/ /g,"$)|(W")+"$)","g");

var colorKW="blue";
var colorObj="red";
var colorMP="#FF8000";
var colorOP="#004000";

//------------------
// Global Variables
//------------------
var divJSInput, txtJSInput, divJSOutput, divWaiting, spnProcess;
var glbStr, glbP, glbRe, curRe, glbTimer;
function init(){
// init global variables
divJSInput=document.getElementById("divJSInput");
txtJSInput=document.getElementById("txtJSInput");
divJSOutput=document.getElementById("divJSOutput");
divWaiting=document.getElementById("divWaiting");
spnProcess=document.getElementById("spnProcess");

// init window state
maximizeWindow();

divJSOutput.style.width=document.body.clientWidth-2;
divJSOutput.style.height=document.body.clientHeight-26;

// init global events
divJSInput.onkeydown=divJSInput_keydown;
}
//------------------
// event scripts
//------------------

function divJSInput_keydown(e){
var e=window.event?window.event:e;
var srcEle=e.srcElement?e.srcElement:e.target;
var sel;
if(e.keyCode==27)hideJSInput();
if(e.keyCode==13&&e.ctrlKey)execJSInput();
if(e.keyCode==9&&srcEle==txtJSInput){
document.selection.createRange().text="t";return(false); // not support FF
}
}

//------------------
// functional scripts
//------------------

function showJSInput(){
with(divJSInput.style){
display="block";
left=(document.body.clientWidth-divJSInput.offsetWidth)/2;
top=(document.body.clientHeight-divJSInput.offsetHeight)/2;
}

txtJSInput.focus();

return(false);
}

function hideJSInput(){
divJSInput.style.display="none";
}

function execJSInput(){
hideJSInput();

divJSOutput.innerHTML="";

glbStr=txtJSInput.value.replace(/rn[ t]+/gi,"rn").replace(/(rn)+/gi,"rn");
glbP=0;
curRe=glbRe=document.createElement("div");

divJSOutput.appendChild(glbRe);

glbRe.className="codeRoot";

showWait();
core_analysis();
}

function showWait(){
document.body.style.cursor="wait";

with(divWaiting.style){
display="block";
left=(document.body.clientWidth-divWaiting.offsetWidth)/2;
top=(document.body.clientHeight-divWaiting.offsetHeight)/2;
}
spnProcess.innerHTML="0.00%  ( 0 / 0 )"
return(false);
}

function stopExec(){
document.body.style.cursor="";
divWaiting.style.display="none";
try{clearTimeout(glbTimer);}catch(e){}

return(false);
}

function core_analysis(){
var str=" ", c="", lastState="", seq, intNextQuote, intTemp, intCount, intWordStart;
spnProcess.innerHTML=parseFloat(glbP/glbStr.length*100).toFixed(2)+"%  ( "+glbP+" / "+glbStr.length+" )";
for(var i=glbP;i<glbStr.length;i++){
c=glbStr.charAt(i);
str+=htmlEncode(c);
switch(c){
case "r": case " ": case "t":
if(lastState=="rn"){str=" ";break;}
if(c.match(/W/)&&glbStr.charAt(i-1).match(/w/)){
str=str.substring(0,str.length-htmlEncode(c).length);
str=str.replace(regKW,clKW).replace(regObj,clObj).replace(regMP,clMP)+htmlEncode(c);
}
break;
case "n": case ";":
if(lastState=="rn"){str=" ";break;}
outputLn(str);
str=" ";
lastState="rn";
if(i-glbP>200){
glbP=i+1;
glbTimer=setTimeout(core_analysis);
return;
}
break;
case """:
intNextQuote=i;
while(intNextQuote!=-1&&intNextQuote<glbStr.length){
intNextQuote=glbStr.indexOf(""",intNextQuote+1);
if(intNextQuote==-1||glbStr.charAt(intNextQuote-1)!="")break;
intCount=0; intTemp=intNextQuote;
while(glbStr.charAt(--intTemp)=="")intCount++;
if(intCount%2==0)break;
}
if(intNextQuote==-1)break;
str+="<span class="quote">"+htmlEncode(glbStr.substring(i+1,intNextQuote))+"</span>"";
i=intNextQuote;
lastState="";
break;
case "'":
intNextQuote=i;
while(intNextQuote!=-1&&intNextQuote<glbStr.length){
intNextQuote=glbStr.indexOf("'",intNextQuote+1);
if(intNextQuote==-1||glbStr.charAt(intNextQuote-1)!="")break;
intCount=0; intTemp=intNextQuote;
while(glbStr.charAt(--intTemp)=="")intCount++;
if(intCount%2==0)break;
}
if(intNextQuote==-1)break;
str+="<span class="quote">"+htmlEncode(glbStr.substring(i+1,intNextQuote))+"</span>'";
i=intNextQuote;
lastState="";
break;
case "/":
if(glbStr.charAt(i+1)=="/"){
intNextQuote=i;
intNextQuote=glbStr.indexOf("rn",intNextQuote+1);
if(intNextQuote==-1)intNextQuote=glbStr.length;
str=str.substring(0,str.length-1);
str+="<span class="comments">/"+htmlEncode(glbStr.substring(i+1,intNextQuote))+"</span>";
i=intNextQuote;
}else if(glbStr.charAt(i+1)=="*"){
intNextQuote=i;
intNextQuote=glbStr.indexOf("*/",intNextQuote+1);
if(intNextQuote==-1)return;
str=str.substring(0,str.length-1);
str+="<span class="comments">/"+htmlEncode(glbStr.substring(i+1,intNextQuote))+"*/</span>";
i=intNextQuote+1;
}else if(str.match(/[=(][ t]*//)){
intNextQuote=i;
while(intNextQuote!=-1&&intNextQuote<glbStr.length){
intNextQuote=glbStr.indexOf("/",intNextQuote+1);
if(intNextQuote==-1||glbStr.charAt(intNextQuote-1)!="")break;
intCount=0; intTemp=intNextQuote;
while(glbStr.charAt(--intTemp)=="")intCount++;
if(intCount%2==0)break;
}
if(intNextQuote==-1)break;
str+="<span class="regexp">"+htmlEncode(glbStr.substring(i+1,intNextQuote))+"</span>/";
i=intNextQuote;
lastState="";
}
lastState="";
break;
case "{":
outputLn(str);
str=" ";
seq=document.createElement("div");
seq.className="indent";
curRe.appendChild(seq);
curRe=seq;
lastState="rn";
if(i-glbP>200){
glbP=i+1;
glbTimer=setTimeout(core_analysis);
return;
}
break;
case "}":
outputLn(str.substring(0,str.length-1));
str="} ";
lastState="";
curRe=curRe.parentNode;
break;
default:
if(c.match(/w/)&&glbStr.charAt(i-1).match(/W/)){intWordStart=i;}
if(c.match(/W/)&&glbStr.charAt(i-1).match(/w/)){
str=str.substring(0,str.length-htmlEncode(c).length);
str=str.replace(regKW,clKW).replace(regObj,clObj).replace(regMP,clMP)+htmlEncode(c);
}
lastState="";
break;
}
}

if(i==glbStr.length){
if(str!=""){ outputLn(str); str=" "; }
stopExec();
}

}

function outputLn(theStr){
var seq=document.createElement("p");
seq.innerHTML=theStr;
curRe.appendChild(seq);
}

function clKW(str){ return(str.charAt(0)+str.substring(1).fontcolor(colorKW)); }

function clObj(str){ return(str.charAt(0)+str.substring(1).fontcolor(colorObj)); }

function clMP(str){ return(str.charAt(0)+str.substring(1).fontcolor(colorMP)); }

function clOP(str){ return(str.charAt(0)+str.substring(1).fontcolor(colorOP)); }
//------------------
// global scripts
//------------------

function maximizeWindow(){
window.moveTo(0,0);
window.resizeTo(screen.availWidth,screen.availHeight);
}

function htmlEncode(strS){
return(strS.replace(/&/g,"&amp;").replace(/</g,"&lt;").replace(/>/g,"&gt;").replace(/ /g,"&nbsp;").replace(/rn/g,"<br/>"));
}
</script>
</head>
<body>

<div id="divTools">
<a href="#" onclick="return(showJSInput());">Input JS</a>
</div>

<div id="divJSInput">
<div id="divJSInputTitle">Please Input the JS:</div>
<textarea id="txtJSInput">input  js</textarea>
<div id="divJSInputBar">
<input type="button" value="OK" onclick="execJSInput();" />
<input type="button" value="Cancel" onclick="hideJSInput();" />
</div>
</div>

<div id="divJSOutput"></div>

<div id="divWaiting">
Processing...<span id="spnProcess"></span><br>
<input type="button" value="Stop" onclick="stopExec();" />
</div>
</body>
</html>

相关文章

文章中包含标签:,

«
»
  1. 小V says:
    2009/08/12 at 07:23 | 地址:福建省泉州市

    。。。解不出来,看起来像是设定cookie的恶意脚本,可以删掉。

    Reply