前一段时间随手写了一个关于 JS eval 的解密,但之前的代码稍微有点小问题,显示解码后的信息不完整,主要是<只进行了一次替换,现在从新调整了一下。
并且,现在也支持在代码中使用 /*....*/ 进行填充的JS代码解密,支持使用变量代替 eval 指令的混淆后代码的解密
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="Generator" content="EditPlus®">
<meta name="Author" content="">
<meta name="Keywords" content="">
<meta name="Description" content="">
<title>Decode For JS eval function</title>
</head>
<body>
<textarea id="jscode" style="width:100%;height:300px;"></textarea>
<button οnclick="decode();">decode</button>
<div id="decode_step"></div>
<script>
var step = 0;
function decode(){
if (document.getElementById('jscode'))
{
var code = document.getElementById('jscode').value;
code = de_code(code);
}
}
function de_code(code){
if (/^eval/gi.test(code))
{
try{
eval(code.replace(/^eval/gi,'var a=').replace('/(','('));
}catch(e){
alert(e);
}
var el = document.createElement('div');
el.style.border = '1px solid black';
el.style.margin = '10px';
el.style.padding = '10px';
if (!/^eval/gi.test(a))
{
var b = a;
b = b.replace(/</gi,'<');
b = b.replace(/\{(?!<br(?!\w))/gi,'{<br/>');
b = b.replace(/\}(\s*([,;]?|else)(?!\s*([,;]|else)))/gi,'<br/>}$1');
b = b.replace(/\}(?!\s*(else(?!\w)|<br\/>|[,;\(\)]))/gi,'}<br/>');
b = b.replace(/(([^;'"]|'[^']*'|"[^"]*")+);\s*/gi,'$1;<br/>');
while (/\{[^\{\}]+\}/gi.test(b))
{
var c = /\{([^\{\}]*)\}/gi.exec(b);
b = b.replace(c[0],'{'+c[1].replace(/(<br\/>(?!$))/gi,'$1 ')+'}');
}
el.innerHTML = b;
}else{
el.innerHTML = a.replace(/</gi,'<');
}
document.getElementById('decode_step').appendChild(el);
step ++;
return de_code(a);
}else{
if (/\/\*[\s\S]*?\*\//gi.test(code))
{
code = code.replace(/\/\*[\s\S]*?\*\//gi,' ');
code = code.replace(/\\u[\da-f]{4}/gi,function(m){eval(m.replace('\\u','var asc=0x'));return String.fromCharCode(asc);});
//alert(/var\s*([^\s]+)\s*=\s*[\w]+[\s\S]*?\1\s*\(/gi.test(code));
while (/var\s*([^\s]+)\s*=\s*[\w]+[\s\S]*?\1\s*\(/gi.test(code))
{
code = code.replace(/var\s*([^\s]+)\s*=\s*([\w]+)([\s\S]*?)\1\s*\(/gi,'$3$2(');
code = code.replace(/^[\s;]+/gi,'');
}
var el = document.createElement('div');
el.style.border = '1px solid black';
el.style.margin = '10px';
el.style.padding = '10px';
el.innerHTML = code.replace(/</gi,'<');
document.getElementById('decode_step').appendChild(el);
return de_code(code);
}else{
return code;
}
}
}
</script>
</body>
</html>