How to decode a JSFuck script? - javascript

I have this code in JavaScript:
[(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+
(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+
(!![]+[])[+!+[]]]
In the console, it will return
Array [ "filter" ]
And how can I decode a lot of text that’s similar to the text above? E.g.:
[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+
(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]][([][(![]+[])[+[]]+
([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+
(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+
(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+
(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+
([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+
(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+
(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+
(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+
([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+
(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]
I want to see the plain script.

I have seen many decoding attempts around, but none that work reliably. The easiest way I have found to decode Non Alphanumeric Javascript is with Chrome.
Open Chrome > Go to jsfuck.com > paste the code you would like to decode in the window > hit Run This.
Then open the Console, in the case of your specific code from PasteBin there will be an error:
Uncaught TypeError: Cannot read property 'innerHTML' of null
To the right of the error, click the line number link, and the code will be revealed. The result is:
(function(){
window.false=document.getElementById('sc').innerHTML;
})
Which explains why you get the error trying to just decode it using JSFuck itself. There is no element with the id sc on their site.

You can use this website to decode jsfuck:
http://codertab.com/jsunfuck
UPDATED
I extracted the decode javascript from the URL above, this is how the decode process work: (javascript)
s = source.slice(0, source.length - 2);
txtResult = eval(s);
Hope it help!

let elem = yourJSFuck
function decode(elem) {
return (/\n(.+)/.exec(eval(elem.replace(/\s+/, "").slice(0, -2)))[1]);
}
console.log(decode(elem))
This should work, the source is from this page

Related

JavaScript Exception in HtmlUnit when clicking at google result page

I want to use HtmlUnit (v2.21) to get some search result pages from google. This requires me to click on "people also looked for" link when searching for a person (right side, see example link), which triggers some JavaScript and changes the content of the current page. But this gives me an JavaScript Wrapper Exception (see below).
Clickable example link: https://www.google.de/search?ie=UTF-8&safe=off&q=nicki+minaj
Simple TestCase with errors:
String url = "https://www.google.de/search?ie=UTF-8&safe=off&q=nicki+minaj";
WebClient client = new WebClient(BrowserVersion.BEST_SUPPORTED);
HtmlPage page = client.getPage(url);
HtmlElement link = page.getFirstByXPath("//a[#class='_Zjg']");
HtmlPage newPage = link.click(); //throws exception
this.storeResultFile(newPage.asXml(), "test");
client.close();
Result:
net.sourceforge.htmlunit.corejs.javascript.WrappedException: Wrapped java.lang.NullPointerException
at net.sourceforge.htmlunit.corejs.javascript.Context.throwAsScriptRuntimeEx(Context.java:2053)
at com.gargoylesoftware.htmlunit.javascript.JavaScriptEngine.doProcessPostponedActions(JavaScriptEngine.java:947)
at com.gargoylesoftware.htmlunit.javascript.JavaScriptEngine.processPostponedActions(JavaScriptEngine.java:1012)
at com.gargoylesoftware.htmlunit.html.DomElement.click(DomElement.java:799)
at com.gargoylesoftware.htmlunit.html.DomElement.click(DomElement.java:742)
at com.gargoylesoftware.htmlunit.html.DomElement.click(DomElement.java:689)
I stored the xml of the "page" object and made sure that the XPath expression is valid and has results.
Anybody got any ideas?
Looks like the JavaScript-Engine (based on Rhino) is very easy to upset and quits on some script-issues, where other browsers are still able to run the script.
I dont know if there is a mistake in the scripts from google, but these two lines solved it for me:
JavaScriptEngine engine = client.getJavaScriptEngine();
engine.holdPosponedActions();
Nevertheless, when running multiple htmlunit-objects in multiple threads it is still possible to get accross this error. This is more a workaround than a solution.

My code doesn't work on CodePen or JsFiddle when I upload it but works fine in my browser. Would anyone be able to help me please?

I am new to codePen. I am probably doing a stupid mistake but would any one be able to point it out please?
function initialDraw(e) {
var surfaceContext = surface.getContext('2d');
surfaceContext.drawImage(wheel, 0, 0);
}
http://codepen.io/hTeeML/pen/RPJemx
Dropbox doesn't serve the raw js file but a html document displaying the javacript. This is legitimately seen by the browser as wrong and therefore unusable.
See here:
https://www.dropbox.com/s/dbt9dzsepaie0tp/winwheel_1.2.js?dl=0
Output from the firefox console when loading the CodePen page:
SyntaxError: expected expression, got '<' winwheel_1.2.js:1:0
Dropbox file start:
<!DOCTYPE html>
Sidenote
Your javascript contains occurences of this pattern:
var wheelImageName = url("http://i60.tinypic.com/t9f7s1.png");
This will not only fail because it is interpreted as a function but also because this is the wrong data format for the src attribute of an img tag.
Fixed code:
var wheelImageName = "http://i60.tinypic.com/t9f7s1.png";

I am getting un-terminated string literal for my userextension.js file in Selenium IDE

I've the following code to add in userextensions.js file whenever I add the following piece of code it gives me following error
Failed to load user-extensions.js: Syntax Error: Unterminated String Literal
Selenium.prototype.doInsertCKEditor = function(locator,word)
{
this.doWaitForCondition("var x =
Selenium.browserbot.findElementOrNull('//td[#id=\"cke_contents_form
\"]');x != null;", "50000");
this.doRunScript("CKEDITOR.instances['"+locator+"'].setData('"+word
+"');");
the best way to remove this ever I found it to open your script in some javascript editor I did it in Adobe Dreamweaver and it pin pointed the line where actually the problem is and I resolved this

Encode captured JavaScript code to alert it

I capture the lines of code around JavaScript errors in order to find and fix them much quicker. In my log when I click on the line number I'm trying to make it alert the lines where the error occurred. Here is an example of the current output...
javascript:alert(encode('var clickCycle = 37;
window.onload = function(e)
{
var a = JSON.parse(localStorage.getItem('email_tab'));
try {var a = top.window.location.href;}
catch (err)
{
'));
It's late so I'm not sure if I should be encoding via PHP at the server or just encode it via JavaScript?
I need to make sure that if there are quotes or other code symbols that they appear in the alert() as they do in the code.
For security problem, i think you just encode it at server before response to client. And at client side you don't need encode through on javascript
A string replace did the trick...
<a href="javascript:alert(\'';
$sp = str_ireplace("'","\'",$row1['lines']);
echo htmlspecialchars($sp).'\');" tabindex="3">'.$row1['line'].'</a>

youtube url rel=0 is not working in javascript

youtube url is not working in javascript,why?
where is the mistake in my code:
$(document).ready(function(){
api_images = ['http://www.youtube.com/watchv=OyQoHmcunk&rel=0&fs=0&width=640&height=360'];
api_titles = ['Title 1'];
api_descriptions = ['']
$.prettyPhoto.open(api_images,api_titles,api_descriptions);
});
You're missing the ? that actually separates the path from the query-string:
api_images = ['http://www.youtube.com/watch?v=OyQoHmcunk&rel=0&fs=0&width=640&height=360'];
// ^
Without it, you should be receiving a 404 response, which a decent javascript debugger would've told you. You are using a debugger, right?
Also, depending on the DOCTYPE in use and whether this is from an inline or external <script>, HTML-encoding the &s may either be necessary or another source of issue:
api_images = ['http://www.youtube.com/watch?v=OyQoHmcunk&rel=0&fs=0&width=640&height=360'];
// ^ ^ ^ ^

Categories