前段时间,写一个办公自动化的Web应用,从网上下载了一个网站的首页,因为网站的布局跟设想有些出入,需要修改源代码,却发现Javascript脚本是一堆包在eval()函数里的看不懂的代码。顿时一片乱码,从没有见过这样的Javascript脚本,不知道如何下手,还好果断删除了源码,用自己熟悉的Javascript重新写了一遍。昨天才发现,这种乱码是Javascript脚本的一种加密方式(严格来说是压缩混淆:解码函数和字典都随脚本一起下发,没有任何密钥,所以谁都可以把它还原出来)。
源码如下:
// Self-unpacking script. The function(p,a,c,k,e,d) signature appears to be the
// output format of Dean Edwards' Packer.
//   p = packed source in which every word is replaced by a short base-62 token
//   a = radix (62), c = number of dictionary words (98)
//   k = dictionary, obtained by splitting the '|'-separated string
// The function swaps each token in p back to its dictionary word and returns
// the restored source text; the outer eval() then executes that text.
//
// This is compression/obfuscation rather than encryption: decoder and dictionary
// ship with the payload and no key is involved. When reviewing a third-party
// script in this form, read the decoded text first - eval() runs whatever the
// payload decodes to with the full privileges of the embedding page, and the
// decoded text can be obtained by printing the function's return value instead
// of passing it to eval().
//
// NOTE(review): as published, the single-quoted payload is broken across two
// lines (after `<16`), so the statement does not parse as shown; presumably the
// line break was a plain space in the original file.
eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('G N="";8 1e(M,h){9(N!=""){7(N).r="Y"}9(7(M).r=="Y"){7(M).r="1z";2.H(h);N=M}}8 7(l){9(e.15&&e.15(l)){o e.15(l)}t 9(e.14&&e.14(l)){o e.14(l)}t 9(e.13&&e.13[l]){o e.13[l]}t{o 1y}}8 1x(){d.4=x 10();d.6=x 10();d.12=12;d.I=I;d.y=y;d.H=H;d.z=z}8 Z(p,K,J,L){d.5=K;d.X=J;d.b=p;d.1f=L}8 12(p,5,L){2.6[2.4.c]=x 10();2.4[2.4.c]=x Z(p,5,0,L);o(2.4.c-1)}8 I(p,k,J){9(k>=0&&k<=2.4.c){K="1w"+k;2.6[k][2.6[k].c]=x Z(p,K,J,0);o(2.6[k].c-1)}t I=-1}8 z(5){G 3="";v(i=0;i<2.4.c;i++){9(2.4[i].1f==1&&2.4[i].5==5){3+="<f w=T g=U"+i+" u=\\"V(\'E"+i+"\')\\">";3+="<F>"+2.4[i].b+"</F>";3+="</f>";3+="<f w=1d g=E"+i+"><m>";v(j=0;j<2.6[i].c;j++){3+="<n g="+2.6[i][j].5+j+" u=\\"W(\'"+2.6[i][j].b+"\',\'"+2.4[i].b+"\',\'"+2.6[i][j].X+"\')\\"><a 1c=#>"+2.6[i][j].b+"</a></n>"}3+="</m></f>"}}7(\'1b\').D=3}8 y(5){G 3="<m>";v(i=0;i<2.4.c;i++){9(2.4[i].5==5){3+="<n g=1v"+i+" u=\\"1e(g,\'"+2.4[i].b+"\')\\" w=Y>"+2.4[i].b+"</n>"}}3+="</m>";7(\'1u\').D=3}8 H(h){G 3="";v(i=0;i<2.4.c;i++){9(2.4[i].b==h){3="<f w=T g=U"+i+" u=\\"V(\'E"+i+"\')\\">";3+="<F>"+2.4[i].b+"</F>";3+="</f>";3+="<f w=1d g=E"+i+" B=\'A:1a;\'><m>";v(j=0;j<2.6[i].c;j++){3+="<n g="+2.6[i][j].5+"1t"+j+" u=\\"W(\'"+2.6[i][j].b+"\',\'"+2.4[i].b+"\',\'"+2.6[i][j].X+"\')\\"><a 1c=#>"+2.6[i][j].b+"</a></n>"}3+="</m></f>"}}7(\'1b\').D=3}8 W(h,5,q){9(h!=""&&5!=""){R.Q.P[\'1s\'].7(\'1r\').D=5+"&C;&C;<1q q=1p/1o.1n 1m=0 />&C;&C;"+h}9(q!=""){R.Q.P[\'O\'].18=q}}8 V(s){S="U"+s.1l(11);9(7(s).B.A=="19"){7(s).B.A="1a";7(S).r="T"}t{7(s).B.A="19";7(S).r="1k"}}8 1j(5){2.z(5);2.y(5);R.Q.P[\'O\'].18="O.1i"}e.1h("<16 
q=17/1g.17></"+"16>");',62,98,'||outlookbar|output|titlelist|sortname|itemlist|getObject|function|if||title|length|this|document|div|id|item|||parentid|objectId|ul|li|return|intitle|src|className|divid|else|onclick|for|class|new|getbytitle|getdefaultnav|display|style|nbsp|innerHTML|sub_detail_|span|var|getbyitem|additem|inkey|insort|inisdefault|Id|preClassName|manFrame|frames|top|window|subsortid|list_tilte|sub_sort_|hideorshow|changeframe|key|left_back|theitem|Array||addtitle|layers|all|getElementById|script|js|location|none|block|right_main_nav|href|list_detail|list_sub_detail|isdefault|nav|write|html|initinav|list_tilte_onclick|substring|broder|gif|slide|images|img|show_text|mainFrame|_|left_main_nav|left_nav_|item_|outlook|false|left_back_onclick'.split('|'),0,{}))
经过解密之后,就变为熟悉的Javascript代码,倍感亲切。
// Id of the left-nav entry that is highlighted right now ("" until the first click).
var preClassName = "";

/**
 * Click handler for a left-nav entry: resets the previously highlighted entry,
 * highlights the clicked one and renders its sub-menu.
 *
 * @param {string} Id   id of the clicked element
 * @param {string} item title text passed on to outlookbar.getbyitem()
 */
function list_sub_detail(Id, item) {
  // Put the previously selected entry back into its idle style.
  if (preClassName != "") {
    getObject(preClassName).className = "left_back";
  }

  // Only an entry that is currently idle reacts to the click.
  var clicked = getObject(Id);
  if (clicked.className != "left_back") {
    return;
  }

  clicked.className = "left_back_onclick";
  outlookbar.getbyitem(item);
  preClassName = Id;
}
/**
 * Looks up a page element by id, trying the standard DOM call first and then
 * the legacy document.all and document.layers collections.
 *
 * @param {string} objectId id of the element to find
 * @returns {Object|boolean} the element, or false when no lookup finds it
 */
function getObject(objectId) {
  var hit;

  if (document.getElementById) {
    hit = document.getElementById(objectId);
    if (hit) {
      return hit;
    }
  }

  if (document.all) {
    hit = document.all(objectId);
    if (hit) {
      return hit;
    }
  }

  if (document.layers && document.layers[objectId]) {
    return document.layers[objectId];
  }

  // Callers receive false (not null) for a missing element.
  return false;
}
/**
 * Constructor for the navigation-bar model. It starts with no titles and no
 * items and exposes the file's global helper functions as methods.
 */
function outlook() {
  // titlelist[n] is a top-level title; itemlist[n] is the array of items under it.
  this.titlelist = [];
  this.itemlist = [];

  // The methods are the top-level functions of the same name.
  this.addtitle = addtitle;
  this.additem = additem;
  this.getbytitle = getbytitle;
  this.getbyitem = getbyitem;
  this.getdefaultnav = getdefaultnav;
}
/**
 * Constructor for one navigation entry (a title or an item under a title).
 *
 * @param {string} intitle     text shown for the entry
 * @param {string} insort      value stored as sortname
 * @param {*}      inkey       value stored as key; changeframe() receives it as
 *                             the address to load
 * @param {*}      inisdefault value stored as isdefault; getdefaultnav()
 *                             compares it with 1
 */
function theitem(intitle, insort, inkey, inisdefault) {
  // Note the argument order (title first) differs from the storage order.
  this.sortname = insort;
  this.key = inkey;
  this.title = intitle;
  this.isdefault = inisdefault;
}
/**
 * Appends a top-level title to the global outlookbar and creates the empty
 * item list that belongs to it.
 *
 * Works on the global `outlookbar`, not on `this`, even though outlook()
 * installs it as a method.
 *
 * @param {string} intitle     text of the title
 * @param {string} sortname    group name the title belongs to
 * @param {*}      inisdefault stored as the title's isdefault flag
 * @returns {number} index of the new title
 */
function addtitle(intitle, sortname, inisdefault) {
  var bar = outlookbar;
  var slot = bar.titlelist.length;

  // Same index in both arrays keeps a title and its items paired.
  bar.itemlist[slot] = [];
  bar.titlelist[slot] = new theitem(intitle, sortname, 0, inisdefault);

  return bar.titlelist.length - 1;
}
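/**
 * Appends an item under an existing title of the global outlookbar.
 *
 * Fixes over the published listing:
 *  - the failure branch assigned -1 to the function name (`additem = -1`),
 *    which replaced the global function instead of returning a value;
 *  - the range check accepted parentid == titlelist.length, an index that has
 *    no item list yet;
 *  - `insort` was assigned without a declaration and leaked into global scope.
 *
 * @param {string} intitle  text of the item
 * @param {number} parentid index of the title the item belongs to
 * @param {*}      inkey    stored as the item's key; changeframe() receives it
 *                          as the address to load
 * @returns {number} index of the new item within its title, or -1 when
 *                   parentid does not refer to an existing title
 */
function additem(intitle, parentid, inkey) {
  var items;

  if (!(parentid >= 0 && parentid < outlookbar.titlelist.length)) {
    return -1;
  }

  // A non-integer index passes the range check but has no list behind it.
  items = outlookbar.itemlist[parentid];
  if (!items) {
    return -1;
  }

  items[items.length] = new theitem(intitle, "item_" + parentid, inkey, 0);
  return items.length - 1;
}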
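/**
 * Renders every default title (isdefault == 1) of the given group, with its
 * items, into the element with id "right_main_nav".
 *
 * Fixes over the published listing:
 *  - the loop counters i and j are declared locally instead of leaking into
 *    (and being shared through) the global scope;
 *  - the event attribute is spelled with plain ASCII `onclick`, as in the
 *    packed original; the published listing carried a look-alike non-ASCII
 *    first letter, which a browser does not treat as an event handler;
 *  - a missing target element is skipped instead of being written to.
 *
 * NOTE(review): titles and keys are concatenated into markup and into inline
 * handler code without any escaping, so they have to come from trusted, static
 * configuration. If they can ever contain user-controlled text, build the
 * nodes with createElement/textContent and attach handlers with
 * addEventListener instead of innerHTML.
 *
 * @param {string} sortname group whose default titles are rendered
 */
function getdefaultnav(sortname) {
  var output = "";
  var titles = outlookbar.titlelist;
  var i, j, title, items, target;

  for (i = 0; i < titles.length; i++) {
    title = titles[i];
    if (title.isdefault == 1 && title.sortname == sortname) {
      items = outlookbar.itemlist[i];

      // Clickable header that toggles the item list below it.
      output += "<div class=list_tilte id=sub_sort_" + i + " onclick=\"hideorshow('sub_detail_" + i + "')\">";
      output += "<span>" + title.title + "</span>";
      output += "</div>";
      output += "<div class=list_detail id=sub_detail_" + i + "><ul>";
      for (j = 0; j < items.length; j++) {
        // The id is sortname + j with no separator (getbyitem puts "_" between them).
        output += "<li id=" + items[j].sortname + j + " onclick=\"changeframe('" + items[j].title + "','" + title.title + "','" + items[j].key + "')\"><a href=#>" + items[j].title + "</a></li>";
      }
      output += "</ul></div>";
    }
  }

  target = getObject('right_main_nav');
  if (target) {
    target.innerHTML = output;
  }
}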
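/**
 * Renders the titles of the given group as a list into the element with id
 * "left_main_nav". Each entry calls list_sub_detail() with its own id and its
 * title text when clicked.
 *
 * Fixes over the published listing:
 *  - the loop counter i is declared locally instead of leaking into the
 *    global scope;
 *  - the event attribute is spelled with plain ASCII `onclick`, as in the
 *    packed original; the published listing carried a look-alike non-ASCII
 *    first letter, which a browser does not treat as an event handler;
 *  - a missing target element is skipped instead of being written to.
 *
 * NOTE(review): the title is concatenated into markup and into inline handler
 * code without escaping, so it has to come from trusted, static configuration.
 * For text that may be user-controlled, build the nodes with
 * createElement/textContent and attach handlers with addEventListener.
 *
 * @param {string} sortname group whose titles are listed
 */
function getbytitle(sortname) {
  var output = "<ul>";
  var titles = outlookbar.titlelist;
  var i, target;

  for (i = 0; i < titles.length; i++) {
    if (titles[i].sortname == sortname) {
      // `id` inside the handler resolves to the clicked element's own id.
      output += "<li id=left_nav_" + i + " onclick=\"list_sub_detail(id,'" + titles[i].title + "')\" class=left_back>" + titles[i].title + "</li>";
    }
  }
  output += "</ul>";

  target = getObject('left_main_nav');
  if (target) {
    target.innerHTML = output;
  }
}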
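/**
 * Renders the title whose text equals `item`, with its item list expanded,
 * into the element with id "right_main_nav". The markup is reset on every
 * match, so when several titles share the same text only the last one is
 * shown; with no match the target is emptied.
 *
 * Fixes over the published listing:
 *  - the loop counters i and j are declared locally instead of leaking into
 *    (and being shared through) the global scope;
 *  - the event attribute is spelled with plain ASCII `onclick`, as in the
 *    packed original; the published listing carried a look-alike non-ASCII
 *    first letter, which a browser does not treat as an event handler;
 *  - a missing target element is skipped instead of being written to.
 *
 * NOTE(review): titles and keys are concatenated into markup and into inline
 * handler code without any escaping, so they have to come from trusted, static
 * configuration. If they can ever contain user-controlled text, build the
 * nodes with createElement/textContent and attach handlers with
 * addEventListener instead of innerHTML.
 *
 * @param {string} item title text to look up
 */
function getbyitem(item) {
  var output = "";
  var titles = outlookbar.titlelist;
  var i, j, items, target;

  for (i = 0; i < titles.length; i++) {
    if (titles[i].title == item) {
      items = outlookbar.itemlist[i];

      // Plain assignment, not +=: a later match replaces an earlier one.
      output = "<div class=list_tilte id=sub_sort_" + i + " onclick=\"hideorshow('sub_detail_" + i + "')\">";
      output += "<span>" + titles[i].title + "</span>";
      output += "</div>";
      output += "<div class=list_detail id=sub_detail_" + i + " style='display:block;'><ul>";
      for (j = 0; j < items.length; j++) {
        output += "<li id=" + items[j].sortname + "_" + j + " onclick=\"changeframe('" + items[j].title + "','" + titles[i].title + "','" + items[j].key + "')\"><a href=#>" + items[j].title + "</a></li>";
      }
      output += "</ul></div>";
    }
  }

  target = getObject('right_main_nav');
  if (target) {
    target.innerHTML = output;
  }
}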
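/**
 * Click handler for a menu item: shows "sortname > item" as a breadcrumb in
 * the frame named 'mainFrame' and loads `src` into the frame named 'manFrame'.
 *
 * Fixes over the published listing:
 *  - the breadcrumb separator uses `&nbsp;&nbsp;` on both sides of the image,
 *    as the packed original does; the published listing had lost the entities;
 *  - a missing 'show_text' element is skipped instead of being written to.
 *
 * NOTE(review): both frame names, 'mainFrame' and 'manFrame', are present in
 * the packed dictionary, so the difference was not introduced by unpacking;
 * whether they really are two separate frames cannot be told from this file.
 * `broder` is spelled that way in the packed original as well (presumably
 * meant to be `border`) and is left unchanged.
 *
 * NOTE(review): item and sortname go into innerHTML unescaped, and src is
 * assigned to a frame location as-is. All three must come from trusted,
 * static configuration; if src could ever be user-controlled, restrict it to
 * an allow-list of relative page paths before navigating.
 *
 * @param {string} item     item text for the breadcrumb
 * @param {string} sortname title text for the breadcrumb
 * @param {string} src      address to load; "" leaves the frame alone
 */
function changeframe(item, sortname, src) {
  var label;

  if (item != "" && sortname != "") {
    // getObject here is the one defined inside the target frame.
    label = window.top.frames['mainFrame'].getObject('show_text');
    if (label) {
      label.innerHTML = sortname + "&nbsp;&nbsp;<img src=images/slide.gif broder=0 />&nbsp;&nbsp;" + item;
    }
  }

  if (src != "") {
    window.top.frames['manFrame'].location = src;
  }
}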
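/**
 * Toggles an item panel between hidden and shown and switches the style of
 * the header that belongs to it.
 *
 * Fixes over the published listing:
 *  - `subsortid` was assigned without a declaration and leaked into the
 *    global scope; the header id is now held in a local;
 *  - a missing panel or header is skipped instead of being dereferenced.
 *
 * @param {string} divid id of the panel, of the form "sub_detail_" + index
 */
function hideorshow(divid) {
  var panel = getObject(divid);
  // Dropping the 11-character "sub_detail_" prefix leaves the index, which
  // also identifies the matching "sub_sort_" header.
  var header = getObject("sub_sort_" + divid.substring(11));

  if (!panel) {
    return;
  }

  // Only an inline display of "none" counts as hidden; anything else,
  // including an unset style, is treated as visible and gets hidden.
  if (panel.style.display == "none") {
    panel.style.display = "block";
    if (header) {
      header.className = "list_tilte";
    }
  } else {
    panel.style.display = "none";
    if (header) {
      header.className = "list_tilte_onclick";
    }
  }
}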
/**
 * Initial render for one group: draws its default titles and its title list,
 * then loads "manFrame.html" into the frame named 'manFrame'.
 *
 * @param {string} sortname group to display
 */
function initinav(sortname) {
  var bar = outlookbar;

  bar.getdefaultnav(sortname);
  bar.getbytitle(sortname);

  // The frame starts on its landing page after the menus are drawn.
  window.top.frames.manFrame.location = "manFrame.html";
}
// Writes a script tag for js/nav.js into the document. document.write only
// appends while the page is still being parsed; called after loading has
// finished it replaces the whole document.
// The closing tag is put together from two string pieces; the usual reason is
// to keep a literal "</script>" out of the source so an HTML parser reading
// this code inline does not end the enclosing script block early.
// NOTE(review): `outlookbar` is used throughout this listing but never created
// in it; presumably js/nav.js (or the page) instantiates it - confirm.
document.write("<script src=js/nav.js></" + "script>");
这是在线解密(解包)工具的地址:http://www.strictly-software.com/unpack-javascript.aspx
如果不想把脚本粘贴到第三方网站,也可以在本地把最外层的eval换成输出语句(例如console.log),这样只会显示还原后的源码,而不会执行它。