如何解密js

JavaScript038

如何解密js,第1张

当你在浏览网页时,看到一个很漂亮的特效,你查看源代码时看到的是一队乱码,那多扫兴呀!根据本人的研究,总结出了三种解密方法,与大家分享!!

方法一:

有一种加密的办法是采用javascript的escape()函数,把某些符号、汉字等变成乱码,以达到迷惑人的目的。解密这种代码的办法是采用其反函数加以还原。下面是一个经过加密的例子:

<HTML>

<SCRIPT LANGUAGE="Javascript">

var Words ="%3Chtml%3E%3Cbody%20bgcolor%3D%22red%22%3E%3Cp%3E%u8FD9%u662F%u4F8B%u5B50%uFF01%uFF01%uFF1A%uFF09%3C/p%3E%3C/body%3E%3C/html%3E"

var NewWords

NewWords = unescape(Words)

document.write(NewWords)

</SCRIPT>

<BODY>

</BODY>

</HTML>

这种文件最好解密,一看就明白,关键是unescape()函数起了还原源代码的作用。要想看到加密前的代码是什么样子,可以用下面的办法:

<HTML><SCRIPT LANGUAGE="Javascript">

var Words ="%3Chtml%3E%3Cbody%20bgcolor%3D%22red%22%3E%3Cp%3E%u8FD9%u662F%u4F8B%u5B50%uFF01%uFF01%uFF1A%uFF09%3C/p%3E%3C/body%3E%3C/html%3E"

var NewWords

NewWords = unescape(Words)

NewWords=NewWords.toString()

function password(){

document.pw.txtpw.value=NewWords

}

</SCRIPT>

<BODY>

<form name=pw>

<input type=button onclick="password()" value="解密">

<br>

<textarea name="txtpw" cols="100" rows="100"></textarea>

</form>

</BODY>

</HTML>

方法二:

有一个软件叫HTMLEncrypt.exe,它就是把源代码进行加密的软件,这个软件的加密的原理是把字符转换。下面的例子是一个分帧的页面:

<html><head><script>

function Carbosoft( s ) { var sRet="" for(j=0 j< s.length j++ ){ var n= s.charCodeAt(j) if (n>=8364) {n = 128} sRet += String.fromCharCode( n - 3 ) } return( sRet ) }

var sJsCmds ="" +

"?kwpoA?khdgA?phwd#kwws0htxly@%Frqwhqw0W|sh%#frqwhqw@%wh{w2kwpo>#fkduvhw@lvr08<04%A?wlwohAZHOFRPH?2wlwohA?phwd#qdph@%JHQHUDWRU%#frqwhqw@%Plfurvriw#IurqwSdjh#613%A?phwd#qdph@%Plfurvriw#Wkhph%#frqwhqw@%qrqh/#ghidxow%A?phwd#qdph@%Plfurvriw#Erughu%#frqwhqw@%qrqh/#ghidxow%A?2khdgA?iudphvhw#erughu@%3%#iudpherughu@%3%#urzv@%-/93%A##?iudph#qdph@%pdlq%#vuf@%xs1kwp%#vfuroolqj@%dxwr%A##?iudph#qdph@%rqolqh%#vuf@%grzq1kwp%#vfuroolqj@%qr%#qruhvl}h#wdujhw@%beodqn%A##?qriudphvA##?erg|A##?sAWklv#sdjh#xvhv#iudphv/#exw#|rxu#eurzvhu#grhvq*w#vxssruw#wkhp1#?2sA##?2erg|A##?2qriudphvA?2iudphvhwA?2kwpoA?irqw#froru@%&33333%A?s#doljq@%fhqwhu%A?vpdooA?irqw#idfh@%Wdkrpd%AWklv#iloh#zdv#hqfu|swhg#xvlqj#dq#xquhjlvwhuhg#yhuvlrq#ri#?d#kuhi@%kwws=22fduer{1wkhgqv1qhw2kwpohqfu|sw1kwp%AKWPO#Hqfu|sw#y413?2dA1?2irqwA?2vpdooA?2sA" +

""

var s= Carbosoft( sJsCmds)

document.write (s)

</script>

</head><body></body></html>

从上面可以看出,浏览器解释这写代码前,进行了还原,从而可以得到破解的方法如下:

<script>

function Carbosoft( s ) { var sRet="" for(j=0 j< s.length j++ ){ var n= s.charCodeAt(j) if (n>=8364) {n = 128} sRet += String.fromCharCode( n - 3 ) } return( sRet ) }

var sJsCmds ="" +

"?kwpoA?khdgA?phwd#kwws0htxly@%Frqwhqw0W|sh%#frqwhqw@%wh{w2kwpo>#fkduvhw@lvr08<04%A?wlwohAZHOFRPH?2wlwohA?phwd#qdph@%JHQHUDWRU%#frqwhqw@%Plfurvriw#IurqwSdjh#613%A?phwd#qdph@%Plfurvriw#Wkhph%#frqwhqw@%qrqh/#ghidxow%A?phwd#qdph@%Plfurvriw#Erughu%#frqwhqw@%qrqh/#ghidxow%A?2khdgA?iudphvhw#erughu@%3%#iudpherughu@%3%#urzv@%-/93%A##?iudph#qdph@%pdlq%#vuf@%xs1kwp%#vfuroolqj@%dxwr%A##?iudph#qdph@%rqolqh%#vuf@%grzq1kwp%#vfuroolqj@%qr%#qruhvl}h#wdujhw@%beodqn%A##?qriudphvA##?erg|A##?sAWklv#sdjh#xvhv#iudphv/#exw#|rxu#eurzvhu#grhvq*w#vxssruw#wkhp1#?2sA##?2erg|A##?2qriudphvA?2iudphvhwA?2kwpoA?irqw#froru@%&33333%A?s#doljq@%fhqwhu%A?vpdooA?irqw#idfh@%Wdkrpd%AWklv#iloh#zdv#hqfu|swhg#xvlqj#dq#xquhjlvwhuhg#yhuvlrq#ri#?d#kuhi@%kwws=22fduer{1wkhgqv1qhw2kwpohqfu|sw1kwp%AKWPO#Hqfu|sw#y413?2dA1?2irqwA?2vpdooA?2sA" +

""

var s= Carbosoft( sJsCmds)

</script>

<form name=qq>

<textarea name=ww cols=100 rows=10></textarea>

<input onclick='ww.value=s' type=button value="解密">

</form>

方法三:

有一种加密方法是每行单独加密,还原起来比较复杂。看一个加密过的原文:

<HTML>

<BODY>

<SCRIPT LANGUAGE="JavaScript">

function Decode() {

d("FrfmnD")d("FruyvDFgwhqjfWnyeseysuEXpydy%whqjf~J~XWghwEXfkjJpgXDFIgwhqjfD")d("FmufyWrffjKuieqdEX?klfulfK$ajuXWwklfulfEXfubfIrfmnGWwryhgufEsx}{~}XD")d("FfqfnuDejFIfqfnuD")d("FIruyvD")d("FxkvaD")d("FIxkvaD")d("FIrfmnD")d("W")return 0}

</SCRIPT>

<SCRIPT LANGUAGE="JavaScript">

function d (enc) {document.write(codeIt(key,enc))}

var key = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!\"\ \|#$%&\'()*+,-.\/:<=>?@[\\]^_\t\`{}~\n"function codeIt (mC, eS) {var wTG, mcH = mC.length / 2, nS = "", dvfor (var x = 0 x < eS.length x++) { wTG = mC.indexOf(eS.charAt(x))if (wTG > mcH) {dv = wTG - mcH nS = nS + mC.charAt(48 - dv)}else {dv = mcH - wTGnS = nS + mC.charAt(48 + dv)}}return nS}

</SCRIPT>

<SCRIPT LANGUAGE="JavaScript">

Decode()

</SCRIPT>

</BODY>

</HTML>

还原的时候,也必须每行单独解密,用下面的方法可以看到源代码:

<HTML>

<BODY>

<SCRIPT LANGUAGE="JavaScript">

function Decode() {

d("FrfmnD")d("FruyvDFgwhqjfWnyeseysuEXpydy%whqjf~J~XWghwEXfkjJpgXDFIgwhqjfD")d("FmufyWrffjKuieqdEX?klfulfK$ajuXWwklfulfEXfubfIrfmnGWwryhgufEsx}{~}XD")d("FfqfnuDejFIfqfnuD")d("FIruyvD")d("FxkvaD")d("FIxkvaD")d("FIrfmnD")d("W")return 0}

</SCRIPT>

<SCRIPT LANGUAGE="JavaScript">

function d (enc) {alert(codeIt(key,enc))}

var key = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!\"\ \|#$%&\'()*+,-.\/:<=>?@[\\]^_\t\`{}~\n"function codeIt (mC, eS) {var wTG, mcH = mC.length / 2, nS = "", dvfor (var x = 0 x < eS.length x++) { wTG = mC.indexOf(eS.charAt(x))if (wTG > mcH) {dv = wTG - mcH nS = nS + mC.charAt(48 - dv)}else {dv = mcH - wTGnS = nS + mC.charAt(48 + dv)}}return nS}

</SCRIPT>

<SCRIPT LANGUAGE="JavaScript">

Decode()

</SCRIPT>

</BODY>

</HTML>

哈哈!!:=)是不是很精彩!!

解密后eval那段的原文如下(是一个解密函数):

function uncodeStr(str){

str=str.replace(/\^/g,"%")//把原来字符串里的~符号替换成%号

var str_len=str.length-1//后面数组循环时的最大下标

var i

var encodeStr=''

for(i=str_leni>=0i--){//这个循环是将密文倒转过来

encodeStr+=str.substr(i,1)

}

return decodeURI(encodeStr) //使用decodeURI解密

}

var aaa___ 就是获取的uncodeStr函数运算后的结果。

通过解密过程可以反推出加密过程如下:

获取需要字符串s

使用encodeURI(s)将一些特定符号替换为编码,如空格替换为%20,得到一个新的字符串

将新的字符串反转(第一位变为最后一位,第二位变为倒数第二位。。。。以此类推)

将反转后的字符串里的百分号(%)用波浪线替换后就得到密文了。

方法汇总:

https://www.cnblogs.com/pinkpolk/articles/13600696.html

项目中用了crypto-js DES加密解密 前端用下面方法加密 后台用java的des解密

https://blog.csdn.net/huaweichenai/article/details/103497194

crypto-js AES需要前端来处理加密解密

https://www.npmjs.com/package/crypto-js

JS 使用 SHA1 加密示例

https://blog.csdn.net/qq_40147863/article/details/88034357