https://match.yuanrenxue.cn/match/2
花了两天时间,把混淆的js,一步一步的解混淆,去掉大数组,我觉得把过程详细描述下来,很难,并且帮助不大,我觉得提供一些有用的思路,让读者去实践更好。
重点:是用AST去除那些数组
js
var _0x2b98a5 = function () {
var _0x169b73 = true;
return function (_0x175027, _0x483b50) {
var _0x305dab = _0x169b73 ? function () {
if (_0x483b50) {
var _0x3d1a58 = _0x483b50["apply"](_0x175027, arguments);
_0x483b50 = null;
return _0x3d1a58;
}
} : function () { };
_0x169b73 = false;
return _0x305dab;
};
}();
var _0x4cf5e0 = function () {
var _0x4c4ba3 = true;
return function (_0xb4b4cc, _0x2bb2eb) {
var _0x33d728 = _0x4c4ba3 ? function () {
if (_0x2bb2eb) {
var _0x44de8a = _0x2bb2eb["apply"](_0xb4b4cc, arguments);
_0x2bb2eb = null;
return _0x44de8a;
}
} : function () { };
_0x4c4ba3 = false;
return _0x33d728;
};
}();
function _0x4e1b32(_0x16974b, _0x23801b) {
var _0x4ab4e1 = (65535 & _0x16974b) + (65535 & _0x23801b);
return (_0x16974b >> 16) + (_0x23801b >> 16) + (_0x4ab4e1 >> 16) << 16 | 65535 & _0x4ab4e1;
}
function _0x10b15a(_0x3863c7, _0x3147e5) {
return _0x3863c7 << _0x3147e5 | _0x3863c7 >>> 32 - _0x3147e5;
}
function _0x4cab97(_0xf74694, _0x44bcc5, _0x1b3aee, _0xec1d37, _0x92f41e, _0x5705fc) {
return _0x4e1b32(_0x10b15a(_0x4e1b32(_0x4e1b32(_0x44bcc5, _0xf74694), _0x4e1b32(_0xec1d37, _0x5705fc)), _0x92f41e), _0x1b3aee);
}
function _0x1d338c(_0x38068b, _0x5f4e79, _0x1971b1, _0x432ce3, _0x1164e3, _0xd51dee, _0x21e22d) {
return _0x4cab97(_0x5f4e79 & _0x1971b1 | ~_0x5f4e79 & _0x432ce3, _0x38068b, _0x5f4e79, _0x1164e3, _0xd51dee, _0x21e22d);
}
function _0x2c905f(_0x30b64e, _0x2762d8, _0xfb8456, _0x548b51, _0x174a25, _0x55fe2, _0x210bf1) {
return _0x4cab97(_0x2762d8 & _0x548b51 | _0xfb8456 & ~_0x548b51, _0x30b64e, _0x2762d8, _0x174a25, _0x55fe2, _0x210bf1);
}
function _0x377092(_0x422e3c, _0x506ca8) {
let _0x48b0f8 = [99, 111, 110, 115, 111, 108, 101];
let _0x2c2cf9 = "";
for (let _0x41e37b = 0; _0x41e37b < _0x48b0f8["length"]; _0x41e37b++) {
_0x2c2cf9 += String["fromCharCode"](_0x48b0f8[_0x41e37b]);
}
return _0x2c2cf9;
}
function _0x3c74dd(_0x3a9cbd, _0x4316fe, _0xda110a, _0x1c730e, _0x145779, _0x5eea6e, _0x5109d0) {
return _0x4cab97(_0x4316fe ^ _0xda110a ^ _0x1c730e, _0x3a9cbd, _0x4316fe, _0x145779, _0x5eea6e, _0x5109d0);
}
function _0x2b5e69(_0x5becf4, _0x1c106c, _0x4415d0, _0x2112ef, _0x510559, _0x5ae0a2, _0x3eabfe) {
return _0x4cab97(_0x4415d0 ^ (_0x1c106c | ~_0x2112ef), _0x5becf4, _0x1c106c, _0x510559, _0x5ae0a2, _0x3eabfe);
}
function _0x4f5274(_0x352a01, _0x1dff31) {
if (_0x1dff31) {
return _0x2b5e69(_0x352a01);
}
return _0x377092(_0x352a01);
}
function _0x7a2ea5(_0x538f78, _0xb72be2) {
let _0x4a2ae5 = "";
for (let _0x27f6f4 = 0; _0x27f6f4 < _0x538f78["length"]; _0x27f6f4++) {
_0x4a2ae5 += String["fromCharCode"](_0x538f78[_0x27f6f4]);
}
return _0x4a2ae5;
}
function _0x4fd6ba(_0x37734e, _0xdbd6d7) {
var _0x2a36c6 = _0x2b98a5(this, function () {
var _0x355898 = function () {
var _0x6299d4 = _0x355898["constructor"]("return /\" + this + \"/")()["compile"]("^([^ ]+( +[^ ]+)+)+[^ ]}");
return "";
return _0x6299d4["test"](_0x2a36c6);
};
return _0x355898();
});
_0x2a36c6();
(function () {
_0x4cf5e0(this, function () {
var _0xb8fe70 = new RegExp("function *\\( *\\)");
var _0x37f24a = new RegExp("\\+\\+ *(?:[a-zA-Z_$][0-9a-zA-Z_$]*)", "i");
var _0x122cd2 = $dbsm_0x44db27("init");
if (_0xb8fe70["test"](_0x122cd2 + "chain") || _0x37f24a["test"](_0x122cd2 + "input")) {
_0x122cd2("0");
} else {
$dbsm_0x44db27();
}
})();
});
_0x4f5274();
qz = [10, 99, 111, 110, 115, 111, 108, 101, 32, 61, 32, 110, 101, 119, 32, 79, 98, 106, 101, 99, 116, 40, 41, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 32, 61, 32, 102, 117, 110, 99, 116, 105, 111, 110, 32, 40, 115, 41, 32, 123, 10, 32, 32, 32, 32, 119, 104, 105, 108, 101, 32, 40, 49, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 102, 111, 114, 40, 105, 61, 48, 59, 105, 60, 49, 49, 48, 48, 48, 48, 48, 59, 105, 43, 43, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 104, 105, 115, 116, 111, 114, 121, 46, 112, 117, 115, 104, 83, 116, 97, 116, 101, 40, 48, 44, 48, 44, 105, 41, 10, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 125, 10, 32, 32, 32, 32, 125, 10, 10, 125, 10, 99, 111, 110, 115, 111, 108, 101, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 91, 111, 98, 106, 101, 99, 116, 32, 79, 98, 106, 101, 99, 116, 93, 39, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 402, 32, 116, 111, 83, 116, 114, 105, 110, 103, 40, 41, 32, 123, 32, 91, 110, 97, 116, 105, 118, 101, 32, 99, 111, 100, 101, 93, 32, 125, 39, 10];
eval(_0x7a2ea5(qz));
try {
if (global) {
console["log"]("人生苦短,何必python?");
} else {
while (1) {
console["log"]("人生苦短,何必python?");
debugger;
}
}
} catch (_0x52dbbd) {
return navigator["vendorSub"];
}
}
//setInterval(_0x4fd6ba(), 500);
document = {}
function _0xb0b8ca(_0x1acba3, _0x203838) {
_0x1acba3[_0x203838 >> 5] |= 128 << _0x203838 % 32;
_0x1acba3[14 + (_0x203838 + 64 >>> 9 << 4)] = _0x203838;
if (qz) {
var _0x3414f6,
_0x4ee7ab,
_0x233db4,
_0x47100e,
_0x5a3045,
_0x3edf4e = 1732584193,
_0x750439 = -271733879,
_0x454a4a = -1732584194,
_0x2e0f56 = 271733878;
} else {
var _0x3414f6,
_0x4ee7ab,
_0x233db4,
_0x47100e,
_0x5a3045,
_0x3edf4e = 0,
_0x750439 = -0,
_0x454a4a = -0,
_0x2e0f56 = 0;
}
for (_0x3414f6 = 0; _0x3414f6 < _0x1acba3["length"]; _0x3414f6 += 16) {
_0x4ee7ab = _0x3edf4e;
_0x233db4 = _0x750439;
_0x47100e = _0x454a4a;
_0x5a3045 = _0x2e0f56;
_0x3edf4e = _0x1d338c(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6], 7, -680876936);
_0x2e0f56 = _0x1d338c(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 1], 12, -389564586);
_0x454a4a = _0x1d338c(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 2], 17, 606105819);
_0x750439 = _0x1d338c(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 3], 22, -1044525330);
_0x3edf4e = _0x1d338c(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 4], 7, -176418897);
_0x2e0f56 = _0x1d338c(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 5], 12, 1200080426);
_0x454a4a = _0x1d338c(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 6], 17, -1473231341);
_0x750439 = _0x1d338c(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 7], 22, -45705983);
_0x3edf4e = _0x1d338c(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 8], 7, 1770010416);
_0x2e0f56 = _0x1d338c(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 9], 12, -1958414417);
_0x454a4a = _0x1d338c(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 10], 17, -42063);
_0x750439 = _0x1d338c(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 11], 22, -1990404162);
_0x3edf4e = _0x1d338c(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 12], 7, 1804603682);
_0x2e0f56 = _0x1d338c(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 13], 12, -40341101);
_0x454a4a = _0x1d338c(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 14], 17, -1502882290);
_0x750439 = _0x1d338c(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 15], 22, 1236535329);
_0x3edf4e = _0x2c905f(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 1], 5, -165796510);
_0x2e0f56 = _0x2c905f(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 6], 9, -1069501632);
_0x454a4a = _0x2c905f(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 11], 14, 643717713);
_0x750439 = _0x2c905f(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6], 20, -373897302);
_0x3edf4e = _0x2c905f(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 5], 5, -701558691);
_0x2e0f56 = _0x2c905f(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 10], 9, 38016083);
_0x454a4a = _0x2c905f(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 15], 14, -660478335);
_0x750439 = _0x2c905f(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 4], 20, -405537848);
_0x3edf4e = _0x2c905f(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 9], 5, 568446438);
_0x2e0f56 = _0x2c905f(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 14], 9, -1019803690);
_0x454a4a = _0x2c905f(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 3], 14, -187363961);
_0x750439 = _0x2c905f(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 8], 20, 1163531501);
_0x3edf4e = _0x2c905f(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 13], 5, -1444681467);
_0x2e0f56 = _0x2c905f(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 2], 9, -51403784);
_0x454a4a = _0x2c905f(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 7], 14, 1735328473);
_0x750439 = _0x2c905f(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 12], 20, -1926607734);
_0x3edf4e = _0x3c74dd(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 5], 4, -378558);
_0x2e0f56 = _0x3c74dd(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 8], 11, -2022574463);
_0x454a4a = _0x3c74dd(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 11], 16, 1839030562);
_0x750439 = _0x3c74dd(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 14], 23, -35309556);
_0x3edf4e = _0x3c74dd(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 1], 4, -1530992060);
_0x2e0f56 = _0x3c74dd(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 4], 11, 1272893353);
_0x454a4a = _0x3c74dd(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 7], 16, -155497632);
_0x750439 = _0x3c74dd(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 10], 23, -1094730640);
_0x3edf4e = _0x3c74dd(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 13], 4, 681279174);
_0x2e0f56 = _0x3c74dd(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6], 11, -358537222);
_0x454a4a = _0x3c74dd(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 3], 16, -722521979);
_0x750439 = _0x3c74dd(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 6], 23, 76029189);
_0x3edf4e = _0x3c74dd(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 9], 4, -640364487);
_0x2e0f56 = _0x3c74dd(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 12], 11, -421815835);
_0x454a4a = _0x3c74dd(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 15], 16, 530742520);
_0x750439 = _0x3c74dd(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 2], 23, -995338651);
_0x3edf4e = _0x2b5e69(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6], 6, -198630844);
_0x2e0f56 = _0x2b5e69(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 7], 10, 1126891415);
_0x454a4a = _0x2b5e69(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 14], 15, -1416354905);
_0x750439 = _0x2b5e69(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 5], 21, -57434055);
_0x3edf4e = _0x2b5e69(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 12], 6, 1700485571);
_0x2e0f56 = _0x2b5e69(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 3], 10, -1894986606);
_0x454a4a = _0x2b5e69(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 10], 15, -1051523);
_0x750439 = _0x2b5e69(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 1], 21, -2054922799);
_0x3edf4e = _0x2b5e69(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 8], 6, 1873313359);
_0x2e0f56 = _0x2b5e69(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 15], 10, -30611744);
_0x454a4a = _0x2b5e69(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 6], 15, -1560198380);
_0x750439 = _0x2b5e69(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 13], 21, 1309151649);
_0x3edf4e = _0x2b5e69(_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56, _0x1acba3[_0x3414f6 + 4], 6, -145523070);
_0x2e0f56 = _0x2b5e69(_0x2e0f56, _0x3edf4e, _0x750439, _0x454a4a, _0x1acba3[_0x3414f6 + 11], 10, -1120210379);
_0x454a4a = _0x2b5e69(_0x454a4a, _0x2e0f56, _0x3edf4e, _0x750439, _0x1acba3[_0x3414f6 + 2], 15, 718787259);
_0x750439 = _0x2b5e69(_0x750439, _0x454a4a, _0x2e0f56, _0x3edf4e, _0x1acba3[_0x3414f6 + 9], 21, -343485441);
_0x3edf4e = _0x4e1b32(_0x3edf4e, _0x4ee7ab);
_0x750439 = _0x4e1b32(_0x750439, _0x233db4);
_0x454a4a = _0x4e1b32(_0x454a4a, _0x47100e);
_0x2e0f56 = _0x4e1b32(_0x2e0f56, _0x5a3045);
}
return [_0x3edf4e, _0x750439, _0x454a4a, _0x2e0f56];
}
function _0xee25a3(_0x3ee5d) {
var _0x440bd9,
_0x49e758 = "",
_0x3fda8a = 32 * _0x3ee5d["length"];
for (_0x440bd9 = 0; _0x440bd9 < _0x3fda8a; _0x440bd9 += 8) {
_0x49e758 += String["fromCharCode"](_0x3ee5d[_0x440bd9 >> 5] >>> _0x440bd9 % 32 & 255);
}
return _0x49e758;
}
function _0x1b6eb0(_0x38e2c7) {
var _0x93a866,
_0x3d5ddd = [];
for (_0x3d5ddd[(_0x38e2c7["length"] >> 2) - 1] = void 0, _0x93a866 = 0; _0x93a866 < _0x3d5ddd["length"]; _0x93a866 += 1) {
_0x3d5ddd[_0x93a866] = 0;
}
var _0xc7974e = 8 * _0x38e2c7["length"];
for (_0x93a866 = 0; _0x93a866 < _0xc7974e; _0x93a866 += 8) {
_0x3d5ddd[_0x93a866 >> 5] |= (255 & _0x38e2c7["charCodeAt"](_0x93a866 / 8)) << _0x93a866 % 32;
}
return _0x3d5ddd;
}
function _0xd1612c(_0x18f663) {
return _0xee25a3(_0xb0b8ca(_0x1b6eb0(_0x18f663), 8 * _0x18f663["length"]));
}
function _0x4bd15f(_0x334df0) {
var _0x44a0eb,
_0x569f22,
_0x15a9f7 = "0123456789abcdef",
_0x4d2e01 = "";
for (_0x569f22 = 0; _0x569f22 < _0x334df0["length"]; _0x569f22 += 1) {
_0x44a0eb = _0x334df0["charCodeAt"](_0x569f22);
_0x4d2e01 += _0x15a9f7["charAt"](_0x44a0eb >>> 4 & 15) + _0x15a9f7["charAt"](15 & _0x44a0eb);
}
return _0x4d2e01;
}
function _0x2fc448(_0x2c2a06) {
return unescape(encodeURIComponent(_0x2c2a06));
}
function _0x20e3e4(_0x3b031f) {
return _0xd1612c(_0x2fc448(_0x3b031f));
}
function _0x55ebbf(_0x259944) {
return _0x4bd15f(_0x20e3e4(_0x259944));
}
function _0x104b36(_0x590530, _0x4f42f6, _0x46a06a) {
_0x4fd6ba();
return _0x4f42f6 ? _0x46a06a ? _0x377092(_0x4f42f6, _0x590530) : y(_0x4f42f6, _0x590530) : _0x46a06a ? _0x20e3e4(_0x590530) : _0x55ebbf(_0x590530);
}
function _0x57b286(_0xf4fcee, _0x1bef31) {
document["cookie"] = "m" + _0x4fd6ba() + "=" + _0x104b36(_0xf4fcee) + "|" + _0xf4fcee + "; path=/";
}
function _0x277c97(_0x33a929, _0x4e5a93) {
return Date["parse"](new Date());
}
// _0x4fd6ba()
// aa = _0x104b36(1710258589000)
本文作者:mystyouth
本文链接:
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!