Ocultando (ofuscando) el script de Java [cerrado]

Navega tus respuestas
0

Escuché que ofuscar el java script es inútil y una pérdida de tiempo porque cualquiera con un poco de habilidad puede decodificar tu código. Así que quiero probar eso. Este código mostrará un cuadro de alerta que dice "hey" si lo ejecutas. Pero hay más código que eso allí. Así que aquí está el código ofuscado más de una vez, ¿quién puede decodificarlo? 

eval(function(e,r,n,c,t,i){if(t=function(e){return(r>e?"":t(e/r))+String.fromCharCode(e%r+161)},!"".replace(/^/,String)){for(;n--;)i[t(n)]=c[n]||t(n);c=[function(e){return i[e]}],t=function(){return"[¡-ÿ]+"},n=1}for(;n--;)c[n]&&(e=e.replace(RegExp(t(n),"g"),c[n]));return e}("õ(¬(p,a,c,k,e,d){e=¬(c){³ c};º(!''.Í(/^/,Ö)){¾(c--){d[c]=k[c]||c}k=[¬(e){³ d[e]}];e=¬(){³'\\w+'};c=1};¾(c--){º(k[c]){p=p.Í(ö ð('\\b'+e(c)+'\\b','g'),k[c])}}³ p}('¢«(µ(¥,¤,¡,£,¢,§){¢=µ(¡){¶(¡<¤?\'\':¢(Ý(¡/¤)))+((¡=¡%¤)>ò?Á.ÿ(¡+Ä):¡.â(ã))};È(!\'\'.¼(/^/,Á)){Ì(¡--){§[¢(¡)]=£[¡]||¢(¡)}£=[µ(¢){¶ §[¢]}];¢=µ(){¶\'\\\\©+\'};¡=1};Ì(¡--){È(£[¡]){¥=¥.¼(¢¤ ø(\'\\\\¦\'+¢(¡)+\'\\\\¦\',\'ª\'),£[¡])}}¶ ¥}(\'÷(²(¥,¤,¡,£,¢,¨){¢=²(¡){´(¡<¤?\\\'\\\':¢(ù(¡/¤)))+((¡=¡%¤)>ú?Ê.û(¡+Ä):¡.ô(ó))};Â(!\\\'\\\'.¹(/^/,Ê)){Ã(¡--)¨[¢(¡)]=£[¡]||¢(¡);£=[²(¢){´ ¨[¢]}];¢=²(){´\\\'\\\\\\\\©+\\\'};¡=1};Ã(¡--)Â(£[¡])¥=¥.¹(ü ¢¨(\\\'\\\\\\\\¦\\\'+¢(¡)+\\\'\\\\\\\\¦\\\',\\\'ª\\\'),£[¡]);´ ¥}(\\\'è(«(¥,¤,¡,£,¢,¨){¢=«(¡){­(¡<¤?\\\\\\\'\\\\\\\':¢(í(¡/¤)))+((¡=¡%¤)>Þ?Ë.Ó(¡+Ô):¡.Õ(Û))};Ç(!\\\\\\\'\\\\\\\'.Æ(/^/,Ë)){É(¡--)¨[¢(¡)]=£[¡]||¢(¡);£=[«(¢){­ ¨[¢]}];¢=«(){­\\\\\\\'\\\\\\\\\\\\\\\\©+\\\\\\\'};¡=1};É(¡--)Ç(£[¡])¥=¥.Æ(Ù ¢¡(\\\\\\\'\\\\\\\\\\\\\\\\¦\\\\\\\'+¢(¡)+\\\\\\\'\\\\\\\\\\\\\\\\¦\\\\\\\',\\\\\\\'ª\\\\\\\'),£[¡]);­ ¥}(\\\\\\\'î(¯(¥,¤,¡,£,¢,§){¢=¯(¡){°(¡<¤?\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\':¢(ë(¡/¤)))+((¡=¡%¤)>×?¿.Ú(¡+Ò):¡.¢£(é))};½(!\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\'.À(/^/,¿)){»(¡--){§[¢(¡)]=£[¡]||¢(¡)}£=[¯(¢){° §[¢]}];¢=¯(){°\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\©+\\\\\\\\\\\\\\\'};¡=1};»(¡--){½(£[¡]){¥=¥.À(¢¬ ¢¢(\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\¦\\\\\\\\\\\\\\\'+¢(¡)+\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\¦\\\\\\\\\\\\\\\',\\\\\\\\\\\\\\\'ª\\\\\\\\\\\\\\\'),£[¡])}}° ¥}(\\\\\\\\\\\\\\\'¢§(®(¥,¤,¡,£,¢,§){¢=®(¡){±(¡<¤?\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\':¢(¢³(¡/¤)))+((¡=¡%¤)>¢´?Å.¢²(¡+¢±):¡.¢¦(ý))};Ï(!\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'.Ñ(/^/,Å)){Î(¡--){§[¢(¡)]=£[¡]||¢(¡)}£=[®(¢){± §[¢]}];¢=®(){±\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\©+\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'};¡=1};Î(¡--){Ï(£[¡]){¥=¥.Ñ(ñ ï(\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\¦\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'+¢(¡)+\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\¦\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\',\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'ª\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'),£[¡])}}± ¥}(\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'¢®(·(¥,¤,¡,£,¢,§){¢=·(¡){¸ ¡.Ð(¢¯)};æ(!\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'.á(/^/,¢¸)){ç(¡--){§[¡.Ð(¤)]=£[¡]||¡.Ð(¤)}£=[·(¢){¸ §[¢]}];¢=·(){¸\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\©+\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'};¡=1};ç(¡--){æ(£[¡]){¥=¥.á(¢½ ¢Ù(\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\¦\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'+¢(¡)+\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\¦\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\',\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'ª\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'),£[¡])}}¸ ¥}(\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'5 2=[\"\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\9\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\4\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\8\",\"\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\7\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\6\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\4\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\¡\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\¤\"];5 3=[2[0],2[1]];¦[3[1]](3[0]);\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\',ä,ä,\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'||¢¾|¢Ö|¢×|¢Ø|¢Þ|¨|¢ß|¢Å|¢Æ|¢Ç|¢À\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'.¢Á(\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'|\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'),0,{}))\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\',¢¥,¢¥,\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'|||||||||||||||®||±|¢¦|Î||Ñ|Ï|¢Õ|¢Í||¢Ì|¢Ë|¢Ê|¢Î|¢©|ï||ñ|Å|¢Ï|¢Ò|¢Ñ|à|¢Ð|ý|¢É|¢§\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'.¢©(\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'|\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'),0,{}))\\\\\\\\\\\\\\\',¢È,¢Â,\\\\\\\\\\\\\\\'|||||||||||||||||||||||||||||||||||||||||||¯|°|½|¿|À|»|¢¿|¢¢|î|¢£|¢¬|ì|é|¢Ã|¢Ä|×|Ú|¢Ó|Ò|¢Ô|¢â|¢á||¢à|¢ã|¢ä|¢ç|ë|¢æ\\\\\\\\\\\\\\\'.ì(\\\\\\\\\\\\\\\'|\\\\\\\\\\\\\\\'),0,{}))\\\\\\\',þ,¢å,\\\\\\\'||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||«|­|Ë|Ç|Æ|É|è|í|Þ|Ó|Ô|Õ|Û|Ù|¢¡|Ø|þ|¢Ú|¢Ý|¢Ü|¢Û|¢è|¢·|¢¹|¢º|¢¼|¢»|¢¶|¢­|¢µ\\\\\\\'.Ø(\\\\\\\'|\\\\\\\'),0,{}))\\\',¢ª,¢°,\\\'||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||²|´|Ê|Â|¹|Ã|÷|ù|ú|û|Ä|ô|ó|ü|¢¨|¢ª|ß|¤ª|£ß|£à|£Þ|£Ý|£Û|£Ü|£á|¢é|£â|£ç|£è|£æ|£å\\\'.ß(\\\'|\\\'),0,{}))\',å,£ã,\'||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||¶|µ|¼|Ì|Á|È|â|ã|å|¢¤|ÿ|¢«|ê|ò|ø|Ý|£ä|£Ú|£Ù|£Ï|£Ð|£Î|£Í|£Ë|£Ì|£Ñ|£Ò|£×|£Ø|£Ö|£Õ\'.ê(\'|\'),0,{}))',à,£Ó,'||||||||||||||||||||||||||||||c|e|k|p|a|||b|d|r|g|w|H||£Ô|£é|£ê|£ÿ|I|¬|¤¡|³|£þ|f|h|K|£ý|£û|£ü|¤¢|¤£|¤¨||¤©|¤§|¤¦|¤¤|¤¥|i|£ú|M|Ö||¾|º|J|L|Í|£ù|£ï|£ð|£î|£í|£ë|£ì|£ñ|£ò|S|Q|O|R|T|N|n|j|m|l|P|£÷|£ø|£ö|£õ||£ó|£ô|£Ê|£É|¢þ|¢ÿ|¢ý|¢ü|¢ú|¢û|£¡|£¢|£§|£¨|£¦|£¥|Ü|ð|õ|ö|££|£¤|¢ù|¢ø|¢î|x|U|v|¢ï|¢í||¢ì|¢ê|Y|¢ë|¢ð|¢ñ|V|¢ö|¢÷|¢õ|¢ô|¢ò|B|C|D|A|F|¢ó|£©|£ª|z|u|£¿|t|s|q|o|£À|£¾|£½|£»||£¼|£Á|G|£Â|£Ç|£È|£Æ|£Å|W|£Ã|X|£Ä|£º|Z|y|E|£¹|£¯|£°|£®|£­|£«|£¬|£±|£²|£·|£¸|£¶|£µ|£³|£´'.Ü('|'),0,{}))",95,295,"30|31|32|34|33|37|38|39|41|40|52|function|50|42|45|44|48|46|return|47|49|51|53|54|56|if|60|77|57|while|59|58|71|61|63|29|55|64|66|74|65|69|67|73|replace|70|75|68|76|101|85|83|82|String|99|127|80|100|79|split|118|78|125|10|96|117|36|93|62|95|94|86|103|119|109|108|84|106|89|RegExp|90|35|112|113|eval|new|126|120|124|114|115|110|91|98|123|81|105|107|122|92|88|97|111|87|116|121|104|27|168|181|175|179|176|18|174|28|26|21|180|22|23|25|24|128|150|184|157|155|192|191|194|159|160|158|169|11|17|14|12|16|129|136|140|15|19|170|167|13|149|146|147|130|145|162|153|156|148|154|166|164|163|171|172|173|177|178|20|186|var|2q|window|x65|1U|x74|x68|2z|1W|_0x5424|x79|x6C|x72|x61|2l|2m|2o|2h|2j|1h|1l|1p|2g|2n|fromCharCode|2p|parseInt|toString|2k|2i|_0xd2ba|1Y|2v|2u|2s|2t|2A|1s|2E|2D|2B|2w|1u|2C|1t|1r|2y|1C|1y|1z|1x|1Z|1X|2x|1w|1q|2r|1D|1V|1B|1v|1A|1g|1o|131|135|102|132|151|142|134|144|197|1b|141|143|43|72|138|133|183|182|190|189|193|195|185|188|165|152|137|139|187|161|1a|2b|1O|1L|1P|1S|1Q|1R|1N|1K|1m|1n|1k|1j|1T|1i|1M|2e|1d|1e|2c|1E|2a|1F|1c|1f|1H|1G|1J|1I|2f|2d|196".split("|"),0,{}));
    
pregunta Mark 30.06.2015 - 13:17
fuente

2 respuestas

9

Para mostrarte que es fácil desenmascarar tu código, y , por lo tanto, es un poco inútil ocultarlo en primer lugar , te presentaré cómo lo hice para desenmascararlo en una Moda rápida y sucia:

Tomé tu código y reemplazé la primera "eval" por "console.log". Esto me dio otro código (más pequeño) que comienza con "eval". Así que repetí este proceso 9 veces, ya que su código fue ofuscado muchas veces de la misma manera. Esto podría haber sido automatizado, pero no se justificó para su ejemplo.

Luego obtuve este código: 

var _0x5424=["\x68\x65\x79","\x61\x6C\x65\x72\x74"];var _0xd2ba=[_0x5424[0],_0x5424[1]];window[_0xd2ba[1]](_0xd2ba[0]);

Lo que es equivalente a: 

var _0x5424 = [ "hey", "alert" ];
var _0xd2ba = [ _0x5424[0], _0x5424[1] ];
window[_0xd2ba[1]](_0xd2ba[0]);

(Un embellecedor JS analizó para mí el "\ x68 \ x65 \ x79".) Este código es equivalente a: 

var strings = [ "hey", "alert" ];
var stringsCopy = [ strings[0], strings[1] ]; 
window[stringsCopy[1]](stringsCopy[0]);

Lo que significa simplemente: 

window["alert"]("hey");

Cuál es otra forma de escribir: 

alert("hey");

Aquí, hecho. Fue fácil y no me considero un experto en ingeniería inversa, solo soy un desarrollador promedio. Como consejo, no pierda tiempo con la ofuscación de código JavaScript, en cambio, vuelva a diseñar su aplicación para hacer su trabajo sensible en el lado del servidor.

    
respondido por el Anonymous Coward 30.06.2015 - 14:33
fuente
5

Creo que tu 'prueba' es redundante. La ofuscación no es encriptación y es completamente posible quitar la ofuscación incluso si se necesita una investigación manual y mucha paciencia. Existen muchas herramientas para ayudar y no hay ninguna razón lógica por la que este ejemplo no pueda reducirse a una porción de código más simple con relativa rapidez.

El esfuerzo de cualquiera para decodificar esto puede ser instructivo (para ellos), pero como prueba, o demostración de seguridad o de otro tipo, es una pérdida de tiempo.     

respondido por el David Scholefield 30.06.2015 - 13:43
fuente

Lea otras preguntas en las etiquetas

¿Cómo se crean los hacks del lado del cliente? [cerrado] ¿Red oculta? [cerrado]