返回
在猿人学 第二题 JS 混淆逆向之旅
后端
2023-10-14 18:37:10
【引言】
欢迎来到猿人学逆向系列的第二篇:JS混淆之动态cookie。在本文中,我们将一起探索JS混淆的奥秘,并深入剖析猿人学平台上第二题的挑战。我们将从混淆代码入手,逐步揭开它的工作原理,最终找到解决方案。如果您对JS逆向感兴趣,或者想在这个领域有所突破,那么这篇指南正是为您量身定制的。
【猿人学第二题:JS混淆】
猿人学第二题是一个JS混淆挑战。您将看到一段混淆过的JS代码,任务是逆向该代码并找到解决方案。混淆后的代码如下:
var _0x55b0 = ['260746iqpygO', '102068qqzsuc', 'cookie', 'match', '128528qVRkrX', 'fromCharCode', '633003EkBaIJ', '39065zDkQNT', '413663CyGNvI', 'location', '1173038NbQxms', 'apply', '780927QXpHMO', '321099NwCdDP', '408264YrGnvE', 'substring', '813248STWWUm', 'DOMParser', '287236jwmjap', '1642873jhqlWZ', '1351914HJHdZu', 'replace', '353658TGzITC', 'parseFromString'];
(function(_0x2e6e8f, _0x364f8c) {
var _0x153504 = function(_0x5c3a1c) {
while (--_0x5c3a1c) {
_0x2e6e8f['push'](_0x2e6e8f['shift']());
}
};
_0x153504(++_0x364f8c);
}(_0x55b0, 0x13d));
var _0x4d7a = function(_0x13659c, _0x3914d8) {
_0x13659c = _0x13659c - 0x0;
var _0x599a4f = _0x55b0[_0x13659c];
if (_0x4d7a['gNBXTA'] === undefined) {
(function() {
var _0x58b7d6 = function() {
var _0x1031c7;
try {
_0x1031c7 = Function('return\x20(function()\x20' + '{}.constructor(\x22return\x20this\x22)(\x20)' + ');')();
} catch (_0x4c6bb7) {
_0x1031c7 = window;
}
return _0x1031c7;
};
var _0x504210 = _0x58b7d6();
var _0x34d835 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
_0x504210['atob'] || (_0x504210['atob'] = function(_0x4199c1) {
var _0x5563a3 = String(_0x4199c1)['replace'](/=+$/, '');
for (var _0x421c80 = 0x0, _0x335330, _0x155bb9, _0x407b38 = 0x0, _0x429ac0 = ''; _0x155bb9 = _0x5563a3['charAt'](_0x407b38++); ~_0x155bb9 && (_0x335330 = _0x421c80 % 0x4 ? _0x335330 * 0x40 + _0x155bb9 : _0x155bb9,
_0x421c80++ % 0x4) ? _0x429ac0 += String['fromCharCode'](0xff & _0x335330 >> (-0x2 * _0x421c80 & 0x6)) : 0x0) {
_0x155bb9 = _0x34d835['indexOf'](_0x155bb9);
}
return _0x429ac0;
}
);
}());
_0x4d7a['hlsfRB'] = function(_0x472c1a) {
var _0x37212a = atob(_0x472c1a);
var _0x37c61e = [];
for (var _0x58711a = 0x0, _0x4928b5 = _0x37212a['length']; _0x58711a < _0x4928b5; _0x58711a++) {
_0x37c61e += '%' + ('00' + _0x37212a['charCodeAt'](_0x58711a)['toString'](0x10))['slice'](-0x2);
}
return decodeURIComponent(_0x37c61e);
}
;
_0x4d7a['eCzgFO'] = {};
_0x4d7a['gNBXTA'] = !![];
}
var _0x3799f5 = _0x4d7a['eCzgFO'][_0x13659c];
if (_0x3799f5 === undefined) {
_0x599a4f = _0x4d7a['hlsfRB'](_0x599a4f);
_0x4d7a['eCzgFO'][_0x13659c] = _0x599a4f;
} else {
_0x599a4f = _0x3799f5;
}
return _0x599a4f;
};
var _0x21c5b8 = function() {
var _0x13212f = !![];
return function(_0x19715a, _0x5b37a3) {
var _0x223433 = _0x13212f ? function() {
if (_0x5b37a3) {
var _0x55db94 = _0x5b37a3['apply'](_0x19715a, arguments);
_0x5b37a3 = null;
return _0x55db94;
}
}
: function() {}
;
_0x13212f = ![];
return _0x223433;
}
;
}();
var _0x31f15a = _0x21c5b8(this, function() {
var _0x2984d9 = function() {};
var _0x34d279 = typeof _0x2984d9 === 'function';
if (_0x34d279) {
return;
} else {
_0x2984d9 = 'nognaeif';
}
var _0x
