obfuscation的意思混淆,以为是js代码进行了加密。题目整体还是比较简单的。 My Writeup 访问题目,页面提示输入密码: 先随便输入一个。发现页面没有加载比较有用的JS代码: 既然打开页面有弹窗,那就肯定有交互,使用burp进行抓包,响应包中发现了解题关键: 其中escape() 函数可对字符串进行编码,这样就可以在所有的计算机...
涉及到的JS代码混淆的相关方法,Obfuscation1中是unescape()。 My Writeup 访问题目,打开F12审查元素: 进行解码得到:String.fromCharCode(104,68,117,102,106,100,107,105,49,53,54) 在JS中fromCharCode()方法是将 Unicode 编码转为一个字符,得到hDufjdki156 Others Writeup 略...
Can anyone help me out how to use this : javascript-obfuscator ./dist [options] command ? my js files are in multiple folders under src/js/ I execute "javascript-obfuscator ./src --compact true --selfDefending true" but this command is not working. I want my all js and obfuscated ...
You beat me to it, but forgot to mention that a non-sleazy website can use the approach that this one does, to not “display” the “share” button (in clickable form) until the reader has deliberately asked for it. Hover over the “do you want to even see the real button” icons...
[83星][4m] [JS] zswang/jfogs JavaScript Obfuscator [79星][5m] [HTML] szimeus/evalyzer Using WinDBG to tap into JavaScript and help with deobfuscation and browser exploit detection [73星][17d] [TS] geeksonsecurity/illuminatejs IlluminateJs is a static JavaScript deobfuscator [40星][14d]...
jstillery工具[530星][1y] [JS] mindedsecurity/jstillery Advanced JavaScript Deobfuscation via Partial Evaluation 工具[314星][10m] [JS] hynekpetrak/malware-jail 半自动Javascript恶意软件分析的沙箱,去混淆和Payload提取 [269星][12d] [JS] lelinhtinh/de4js JavaScript Deobfuscator and Unpacker [207...