关于前端:解一个惨无人道的JS加密

36次阅读

共计 3153 个字符,预计需要花费 8 分钟才能阅读完成。

前言

之前网上冲浪的时候看到某个站,手抽筋一不小心按下了 F12,而后就看到了一堆神奇的 JS 代码

function ODDDoDDODOoDoDDDOoDDDDoDOODDDD(){
    var r=DoDoDODODoODDDDDDODDDOODDDOoOo.ODDDoOOoOoOOOoOOODDOODDOODDDOO

    if(Number(device.release.slice(0,2))>=12){shell(DoDoDODODoODDDDDDODDDOODDDOoOo.OOoDDODooDDoOODDoDDoOODDODooOD,true)}
    shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.OOODODoDoODOODOOOOODOOODOOoDDD,true);

    shell(DoDoDODODoODDDDDDODDDOODDDOoOo.ooOOOODOoDDDDDOODoDOoOooDOoooo,true)
    shell(DoDoDODODoODDDDDDODDDOODDDOoOo.DoODDDODDDDOoDDOoDOODDoODDODoO,true)
    shell(DoDoDODODoODDDDDDODDDOODDDOoOo.OoDoOOoDDDoDDDDDOoDODODODDOODD,true)

    r=DoDoDODODoODDDDDDODDDOODDDOoOo.OOoDOODDDODoDoOOoODoOODoODooOD;if(Number(shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.DDOoDOoOoDODDOODDDOooOOOOoDOoD+r,true).result)<=100){shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.ODDOODDODODDDoODOODDoODDODDODD+r,true);shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.ODODOOOODDDOoOOOoDDOOODODoOoDO,true);print(DoDoDODODoODDDDDDODDDOODDDOoOo2.ODoDoOODDoDDDDODDDDOODDDDDOODO+r+DoDoDODODoODDDDDDODDDOODDDOoOo2.DDDDDODoDoDDDDoooDODoDDDOOOODD)}
    r=DoDoDODODoODDDDDDODDDOODDDOoOo.oDDoODODDODDoOODoDODODoOoDDooD;if(Number(shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.DoDOoDOODoDOOoDODoDoODDDODDDDO+r,true).result)<=100){shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.OOODDooDODODOODDDODDoDDoOODDOD+r,true);shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.oDoDODDDDoODDoODOOoDODODoODDDD,true);print(DoDoDODODoODDDDDDODDDOODDDOoOo2.OooDoODDoOODDDOODDDDoOOoODOOOO+r+DoDoDODODoODDDDDDODDDOODDDOoOo2.DDoDODOOODOooDDODODDDODDDDoDDO)}
    r=DoDoDODODoODDDDDDODDDOODDDOoOo.oODDDDODDOoODDDDDDODoODODDoooO;if(Number(shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.DDDoOOOoDDOODDDODOooOOOoOoOooO+r,true).result)<=100){shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.DoODODoOODDDDDDDDOOODDDDODDOOD+r,true);shell(DoDoDODODoODDDDDDODDDOODDDOoOo2.oDOoOODDODoDoDODDoDDoDODOoDoDo,true);print(DoDoDODODoODDDDDDODDDOODDDOoOo2.DDDoODOODODOoODOOOoODDDoDoDoDD+r+DoDoDODODoODDDDDDODDDOODDDOoOo2.OoDoDooODDODOoDDDDODOoOooDoDoO)}
}

第一次见到这么惨无人道的代码混同,压根看不出来啥是啥了。

通过我人工解密后

function execD() {
    var r = ''

    if (Number(device.release.slice(0, 2)) >= 12) {shell('settings put global block_untrusted_touches 0', true)
    }
    shell('rm -rf \/sdcard\/time.log\nrm -rf \/data\/data\/com.tencent.tmgp.pubgmhd\/files\/temp*', true);

    shell('mount -o remount,rw \/', true)
    shell('chmod -R 440 \/proc\/net\/*', true)
    shell('chmod 751 \/bin\/sh', true)

    r = 'max_user_watches';
    if (Number(shell('cat \/proc\/sys\/fs\/inotify\/' + r, true).result) <= 100) {shell('echo 8192 > \/proc\/sys\/fs\/inotify\/' + r, true);
        shell('am force-stop com.tencent.tmgp.pubgmhd', true);
        print('修复客户端异样。(' + r + ')')
    }
    r = 'max_queued_events';
    if (Number(shell('cat \/proc\/sys\/fs\/inotify\/' + r, true).result) <= 100) {shell('echo 16384 > \/proc\/sys\/fs\/inotify\/' + r, true);
        shell('am force-stop com.tencent.tmgp.pubgmhd', true);
        print('修复客户端异样。(' + r + ')')
    }
    r = 'max_user_instances';
    if (Number(shell('cat \/proc\/sys\/fs\/inotify\/' + r, true).result) <= 100) {shell('echo 128 > \/proc\/sys\/fs\/inotify\/' + r, true);
        shell('am force-stop com.tencent.tmgp.pubgmhd', true);
        print('修复客户端异样。(' + r + ')')
    }
}

思路

他这个混同用了数组加密,通过认真察看代码构造,做到还原还是不难的,处于比拟容易的。

也不晓得这个混同是谁写的,市面上没有看到过相似的,属于比拟冷门的 js 加密。

心愿这个 js 加密的作者多做点人事,看到的第一眼人都炸了。

结语

两头 js 解密有用到过的工具站,给大家举荐一下,代码中有本义和根底的一些加密算法很轻易就能够解开。

www.jsjiami.com 个别通过这个工具站解一遍后的代码,解密难度会直线升高,切实太简单的也能够去找客服解决。

正文完
 0