请在Firefox下测试
看了下例子:
js代码
<script>
alert("hi there")
</script>
就等价于
<script>
([][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()[(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]])([][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()[(![]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+([][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()+[])[!+[]+!+[]]]((![]+[])[+!+[]]+(+[![]]+[])[+[]])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(+[![]]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+!+[]]]+(!![]+[])[+[]]+[][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()[(![]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+([][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()+[])[!+[]+!+[]]]((![]+[])[+!+[]]+(+[![]]+[])[+[]])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]])
</scirpt>
它实现的原理,有一个码表
复制代码 代码如下:
(NaN+[]["filter"])[11]',
! window["atob"]("If")[0]',
" ("").fontcolor()[12]',
# window["atob"]("0iN")[1]',
$ window["atob"]("0iT")[1]',
% window["atob"]("0iW")[1]',
& window["atob"]("0ia")[1]',
' window["atob"]("0if")[1]',
( (false+[]["filter"])[20]',
) (false+[]["filter"])[21]',
* window["atob"]("0ir")[1]',
+ window["atob"]("0it")[1]',
, window["atob"]("0iy")[1]',
- (NaN+window["Date"]())[31]',
. window["atob"]("1i4")[1]',
/ (true+("")["sub"]())[10]',
0-9 ignored*/ ,,,,,,,,,,
: window["Date"]()[21]',
; window["atob"]("O0")[0]',
< ("")["sub"]()[0]',
= ("").fontcolor()[11]',
> ("")["sub"]()[10]',
? window["atob"]("0j9")[1]',
@ window["atob"]("00A")[1]',
A (+[]+[]["constructor"])[10]',
B (+[]+(false)["constructor"])[10]',
C window["atob"]("00N")[1]',
D window["btoa"](00)[1]',
E window["btoa"](01)[2]',
F (0+[]["filter"]["constructor"])[10]',
G window["btoa"]("0f")[1]',
H window["btoa"]("0t")[1]',
I ("Infinity")[0]',
J window["atob"]("00r")[1]',
K window["btoa"]("(")[0]',
L window["btoa"]("/")[0]',
M window["btoa"](0)[0]',
N ("NaN")[0]',
O window["btoa"](8)[0]',
P window["btoa"]("<")[0]',
Q window["btoa"]("a")[1]',
R window["atob"]("01I")[1]',
S window["btoa"]("I")[0]',
T window["btoa"]("N")[0]',
U window["atob"]("01W")[1]',
V window["atob"]("01a")[1]',
W (true+window)[12]',
X window["atob"]("01i")[1]',
Y window["btoa"]("a")[0]',
Z window["btoa"]("f")[0]',
[ (undefined+[]["filter"])[33]',
\ window["atob"]("01y")[1]',
] (true+[]["filter"])[40]',
^ window["atob"](014)[1]',
_ window["atob"](018)[1]',
` window["atob"]("02A")[1]',
a ("false")[1]',
b (window+[])[2]',
c ([]["filter"]+[])[3]',
d ("undefined")[2]',
e ("true")[3]',
f ("false")[0]',
g ([]+("")["constructor"])[14]',
h window["atob"]("aN")[0]',
i ([false]+undefined)[10]',
j (window+[])[3]',
k window["atob"]("a0")[0]',
l ("false")[2]',
m (Number+[])[11]',
n ("undefined")[1]',
o (true+[]["filter"])[10]',
p window["atob"]("cN")[0]',
q window["atob"]("cf")[0]',
r ("true")[1]',
s ("false")[3]',
t ("true")[0]',
u ("undefined")[0]',
v (0+[]["filter"])[30]',
w ([]["sort"]["call"]()+[])[13]',
x window["atob"]("eN")[0]',
y (NaN+[Infinity])[10]',
z window["atob"]("et")[0]',
{ (NaN+[]["filter"])[21]',
| window["atob"]("03y")[1]',
} (NaN+[]["filter"])[41]',
~ window["atob"](234)[1]'
拼接出来字符串 "eval",如何把 "eval" 变成 eval() 呢?方法是
[]["sort"]["call"]()["eval"]
其中 []["sort"]["call"]() 等于 [].sort.call() ,等价于 window,所以上面 []["sort"]["call"]()["eval"] 就等价于 window.eval。
然后就是体力活了,把码表对应转换成 eval("blah blah") 这种形式就可以执行任意代码了
不同浏览器的码表不一样。Chrome和Firefox的index就不一样。
其实这个码表还可以通过 ·toLocal*()` 函数族扩展到Unicode,比fromCharCode要简短
原文:http://discogscounter.getfreehosting.co.uk/js-noalnum.php?txt=alert%28%22hi+there%22%29
看了下例子:
js代码
<script>
alert("hi there")
</script>
就等价于
<script>
([][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()[(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]])([][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()[(![]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+([][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()+[])[!+[]+!+[]]]((![]+[])[+!+[]]+(+[![]]+[])[+[]])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(+[![]]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+!+[]]]+(!![]+[])[+[]]+[][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()[(![]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+([][(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]()+[])[!+[]+!+[]]]((![]+[])[+!+[]]+(+[![]]+[])[+[]])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]])
</scirpt>
它实现的原理,有一个码表
复制代码 代码如下:
(NaN+[]["filter"])[11]',
! window["atob"]("If")[0]',
" ("").fontcolor()[12]',
# window["atob"]("0iN")[1]',
$ window["atob"]("0iT")[1]',
% window["atob"]("0iW")[1]',
& window["atob"]("0ia")[1]',
' window["atob"]("0if")[1]',
( (false+[]["filter"])[20]',
) (false+[]["filter"])[21]',
* window["atob"]("0ir")[1]',
+ window["atob"]("0it")[1]',
, window["atob"]("0iy")[1]',
- (NaN+window["Date"]())[31]',
. window["atob"]("1i4")[1]',
/ (true+("")["sub"]())[10]',
0-9 ignored*/ ,,,,,,,,,,
: window["Date"]()[21]',
; window["atob"]("O0")[0]',
< ("")["sub"]()[0]',
= ("").fontcolor()[11]',
> ("")["sub"]()[10]',
? window["atob"]("0j9")[1]',
@ window["atob"]("00A")[1]',
A (+[]+[]["constructor"])[10]',
B (+[]+(false)["constructor"])[10]',
C window["atob"]("00N")[1]',
D window["btoa"](00)[1]',
E window["btoa"](01)[2]',
F (0+[]["filter"]["constructor"])[10]',
G window["btoa"]("0f")[1]',
H window["btoa"]("0t")[1]',
I ("Infinity")[0]',
J window["atob"]("00r")[1]',
K window["btoa"]("(")[0]',
L window["btoa"]("/")[0]',
M window["btoa"](0)[0]',
N ("NaN")[0]',
O window["btoa"](8)[0]',
P window["btoa"]("<")[0]',
Q window["btoa"]("a")[1]',
R window["atob"]("01I")[1]',
S window["btoa"]("I")[0]',
T window["btoa"]("N")[0]',
U window["atob"]("01W")[1]',
V window["atob"]("01a")[1]',
W (true+window)[12]',
X window["atob"]("01i")[1]',
Y window["btoa"]("a")[0]',
Z window["btoa"]("f")[0]',
[ (undefined+[]["filter"])[33]',
\ window["atob"]("01y")[1]',
] (true+[]["filter"])[40]',
^ window["atob"](014)[1]',
_ window["atob"](018)[1]',
` window["atob"]("02A")[1]',
a ("false")[1]',
b (window+[])[2]',
c ([]["filter"]+[])[3]',
d ("undefined")[2]',
e ("true")[3]',
f ("false")[0]',
g ([]+("")["constructor"])[14]',
h window["atob"]("aN")[0]',
i ([false]+undefined)[10]',
j (window+[])[3]',
k window["atob"]("a0")[0]',
l ("false")[2]',
m (Number+[])[11]',
n ("undefined")[1]',
o (true+[]["filter"])[10]',
p window["atob"]("cN")[0]',
q window["atob"]("cf")[0]',
r ("true")[1]',
s ("false")[3]',
t ("true")[0]',
u ("undefined")[0]',
v (0+[]["filter"])[30]',
w ([]["sort"]["call"]()+[])[13]',
x window["atob"]("eN")[0]',
y (NaN+[Infinity])[10]',
z window["atob"]("et")[0]',
{ (NaN+[]["filter"])[21]',
| window["atob"]("03y")[1]',
} (NaN+[]["filter"])[41]',
~ window["atob"](234)[1]'
拼接出来字符串 "eval",如何把 "eval" 变成 eval() 呢?方法是
[]["sort"]["call"]()["eval"]
其中 []["sort"]["call"]() 等于 [].sort.call() ,等价于 window,所以上面 []["sort"]["call"]()["eval"] 就等价于 window.eval。
然后就是体力活了,把码表对应转换成 eval("blah blah") 这种形式就可以执行任意代码了
不同浏览器的码表不一样。Chrome和Firefox的index就不一样。
其实这个码表还可以通过 ·toLocal*()` 函数族扩展到Unicode,比fromCharCode要简短
原文:http://discogscounter.getfreehosting.co.uk/js-noalnum.php?txt=alert%28%22hi+there%22%29
标签:
符号,Javascript代码
免责声明:本站文章均来自网站采集或用户投稿,网站不提供任何软件下载或自行开发的软件!
如有用户或公司发现本站内容信息存在侵权行为,请邮件告知! 858582#qq.com
桃源资源网 Design By www.nqtax.com
暂无“仅用[]()+!等符号就足以实现几乎任意Javascript代码”评论...
《魔兽世界》大逃杀!60人新游玩模式《强袭风暴》3月21日上线
暴雪近日发布了《魔兽世界》10.2.6 更新内容,新游玩模式《强袭风暴》即将于3月21 日在亚服上线,届时玩家将前往阿拉希高地展开一场 60 人大逃杀对战。
艾泽拉斯的冒险者已经征服了艾泽拉斯的大地及遥远的彼岸。他们在对抗世界上最致命的敌人时展现出过人的手腕,并且成功阻止终结宇宙等级的威胁。当他们在为即将于《魔兽世界》资料片《地心之战》中来袭的萨拉塔斯势力做战斗准备时,他们还需要在熟悉的阿拉希高地面对一个全新的敌人──那就是彼此。在《巨龙崛起》10.2.6 更新的《强袭风暴》中,玩家将会进入一个全新的海盗主题大逃杀式限时活动,其中包含极高的风险和史诗级的奖励。
《强袭风暴》不是普通的战场,作为一个独立于主游戏之外的活动,玩家可以用大逃杀的风格来体验《魔兽世界》,不分职业、不分装备(除了你在赛局中捡到的),光是技巧和战略的强弱之分就能决定出谁才是能坚持到最后的赢家。本次活动将会开放单人和双人模式,玩家在加入海盗主题的预赛大厅区域前,可以从强袭风暴角色画面新增好友。游玩游戏将可以累计名望轨迹,《巨龙崛起》和《魔兽世界:巫妖王之怒 经典版》的玩家都可以获得奖励。