关于安全说明

本站以学习探究为根本,记录自己的学习轨迹,深挖技术核心

所有文章禁止转载 、禁止用于违法方面并获取利益

如有侵犯,请联系删除,会积极配合

对学术交流,技术交流秉承积极态度

JS 安全防护原理 – 2

 2021年11月3日  Posted in security

流程平坦化

var bigArr = [
‘cmVwbGFjZQ==’, ‘Z2V0TW9udGg=’, ‘dG9TdHJpbmc=’, ‘Z2V0RGF0ZQ==’, ‘MA==’,
“”[‘constructor’][‘fromCharCode’], ‘\u65e5’, ‘\u4e00’, ‘\u4e8c’,
‘\u4e09’, ‘\u56db’, ‘\u4e94’, ‘\u516d’
];

(function(arr, num){
var shuffer = function(nums){
while(–nums){
arr[‘push’](arr[‘shift’]());
}
};
shuffer(++num);
}(bigArr,0x20));

Date.prototype.\u0066\u006f\u0072\u006d\u0061\u0074 = function(formatStr) {
var arrStr = ‘7|5|1|3|2|4’.split(‘|’), i = 0;
while (!![]) {
switch(arrStr[i++]){
case ‘1’:
eval(String.fromCharCode(115, 116, 114, 32, 61, 32, 115, 116, 114, 91, 39, 114, 101, 112, 108, 97, 99, 101, 39, 93, 40, 47, 121, 121, 121, 121, 124, 89, 89, 89, 89, 47, 44, 32, 116, 104, 105, 115, 91, 39, 103, 101, 116, 70, 117, 108, 108, 89, 101, 97, 114, 39, 93, 40, 41, 41, 59));
continue;
case ‘2’:
str = str[atob(bigArr[7])](/dd|DD/, this[atob(bigArr[10])]() > 9 ? this[atob(bigArr[10])]()[atob(bigArr[9])]() : atob(bigArr[11]) + this[atob(bigArr[10])]());
continue;
case ‘3’:
str = str[atob(bigArr[7])](/MM/, (this[atob(bigArr[8])]() + 1) > 9 ? (this[atob(bigArr[8])]() + 1)[atob(bigArr[9])]() : atob(bigArr[11]) + (this[atob(bigArr[8])]() + 1));
continue;
case ‘4’:
return str;
continue;
case ‘5’:
var Week = [bigArr[0], bigArr[1], bigArr[2], bigArr[3], bigArr[4], bigArr[5], bigArr[6]];
continue;
case ‘7’:
var \u0073\u0074\u0072 = \u0066\u006f\u0072\u006d\u0061\u0074\u0053\u0074\u0072;
continue;
}
break;
}
}
console.log( new \u0077\u0069\u006e\u0064\u006f\u0077[‘\u0044\u0061\u0074\u0065’]()[bigArr[12](102, 111, 114, 109, 97, 116)](‘\x79\x79\x79\x79\x2d\x4d\x4d\x2d\x64\x64’) );

 

逗号表达式混淆

var bigArr = [
‘cmVwbGFjZQ==’, ‘Z2V0TW9udGg=’, ‘dG9TdHJpbmc=’, ‘Z2V0RGF0ZQ==’, ‘MA==’,
“”[‘constructor’][‘fromCharCode’], ‘\u65e5’, ‘\u4e00’, ‘\u4e8c’,
‘\u4e09’, ‘\u56db’, ‘\u4e94’, ‘\u516d’
];

(function(arr, num){
var shuffer = function(nums){
while(–nums){
arr[‘push’](arr[‘shift’]());
}
};
shuffer(++num);
}(bigArr,0x20));

Date.prototype.\u0066\u006f\u0072\u006d\u0061\u0074 = function(formatStr, str, Week) {
return str =
(str = (
Week = (
\u0073\u0074\u0072 = \u0066\u006f\u0072\u006d\u0061\u0074\u0053\u0074\u0072,
[bigArr[0], bigArr[1], bigArr[2], bigArr[3], bigArr[4], bigArr[5], bigArr[6]]
),
eval(String.fromCharCode(115, 116, 114, 32, 61, 32, 115, 116, 114, 91, 39, 114, 101, 112, 108, 97, 99, 101, 39, 93, 40, 47, 121, 121, 121, 121, 124, 89, 89, 89, 89, 47, 44, 32, 116, 104, 105, 115, 91, 39, 103, 101, 116, 70, 117, 108, 108, 89, 101, 97, 114, 39, 93, 40, 41, 41, 59)),
str[atob(bigArr[7])](/MM/, (this[atob(bigArr[8])]() + 1) > 9 ? (this[atob(bigArr[8])]() + 1)[atob(bigArr[9])]() : atob(bigArr[11]) + (this[atob(bigArr[8])]() + 1))
),
str[atob(bigArr[7])](/dd|DD/, this[atob(bigArr[10])]() > 9 ? this[atob(bigArr[10])]()[atob(bigArr[9])]() : atob(bigArr[11]) + this[atob(bigArr[10])]())
);
}
console.log( new \u0077\u0069\u006e\u0064\u006f\u0077[‘\u0044\u0061\u0074\u0065’]()[bigArr[12](102, 111, 114, 109, 97, 116)](‘\x79\x79\x79\x79\x2d\x4d\x4d\x2d\x64\x64’) );