0x0。背景朋友是做跨境电商的,属于第一批吃瓜群众,赚的盆满钵满,最近一个新项目找我帮忙,我的工作很好需要我的帮助破译有价值的js。拿到手的时候是FB的js。这些跨境电商无时无刻不在和Facebook斗智斗勇。废话不多说,因为数据敏感,只上传部分代码。0x1.JS加密码函数_0x43d021(_0x2ab70a){const_0x433021=_0x5380;尝试{让_0x583dc2='';如果(msgInput!=null){InputTipsMsg('',_0x433021(0xba),_0x2ab70a['target']);如果(_0x2ab70a['target']['className']===_0x433021(0x85)){_0x583dc2=_0x2ab70a['target']['children'][0x3ab29^0x3ab29]['children'][0x0]['儿童'][0x61b16^0x61b16]['儿童'][0xcce8b^0xcce8b]['儿童'][0xa1ac9^0xa1ac9]['innerText'];}else{_0x583dc2=msgInput['value'];}if(__DisableSendTT||_0x583dc2===''){setTimeout(()=>{sendButton['click']();sendLock=![];},0x1);}InputTipsMsg(_0x433021(0x27),_0x433021(0xba),_0x2ab70a['target']);TranslateMessagesDirectly(_0x583dc2,function(_0x23bd0f){const_0x53514b=_0x5380;const_0x137e18=_0x84c3;让_0x550106=GetRetStr(_0x23bd0f);如果(_0x550106['indexOf'](_0x137e18(0x8d,'d5pL'))===0x0){InputTipsMsg(_0x23bd0f['msg']===未定义?_0x137e18(0x12,'IooP'):_0x23bd0f['msg'],_0x53514b(0x8e));发送锁=![];}else{if(_0x2ab70a['target']['className']===_0x137e18(0xa2,'7$^@')){_0x2ab70a['target']['children'][0xf0130^0xf0130]['children'][0x0]['children'][0x0]['children'][0x0]['children'][0x0]['innerText']=_0x550106;FireMessageInputEvent(_0x2ab70a['target']);setTimeout(()=>{sendLock=![];if(![]===detectChinese(_0x550106)||zh_translation_switch){OnEnterKeyDown(_0x550106,_0x2ab70a['target']['children'][0x85e48^0x85e48]['孩子'][0x8d7d3^0x8d7d3]['孩子'][0x0]['孩子'][0x0]['孩子'][0x0]);}},0x5);}else{changeReactInputValue(msgInput,_0x550106);发送锁=![];setTimeout(()=>{if(![]===detectChinese(msgInput['innerText'])||zh_translation_switch){sendButton['click']();}},0x5);}InputTipsMsg(_0x137e18(0x79,'myO('),_0x137e18(0x89,'4JF4'),_0x2ab70a['target']);}},send_from,send_to);}}catch(_0x596ece){sendLock=![];控制台['错误'](_0x596ece);}}0x3。代码分析从这部分代码可以看出变量名和方法名都做了混淆,属于中等难度的加密混淆0x4。代码解密函数enterKeyDown(el){try{lettext='';if(msgInput!=null){InputTipsMsg('',"info",el.target);if(el.target.className==="notranslate_5rpu"){text=el.target.children[0].children[0].children[0].children[0].children[0].innerText;}else{text=msgInput.value;}if(__DisableSendTT||text===''){setTimeout(()=>{sendButton.click();sendLock=false;},1);}InputTipsMsg("翻译中...请不要频繁回车发送","info",el.target);TranslateMessagesDirectly(text,function(res){letretStr=GetRetStr(res);if(retStr.indexOf("error:")===0){InputTipsMsg(res.msg===undefined?"ServiceError":res.msg,"error");sendLock=false;}else{if(el.target.className==="notranslate_5rpu"){el.target.children[0].children[0].children[0].children[0].children[0].innerText=retStr;FireMessageInputEvent(el.target);setTimeout(()=>{sendLock=false;if(false===detectChinese(retStr)||zh_translation_switch){OnEnterKeyDown(retStr,el.target.children[0].children[0].children[0].children[0].children[0]);}},5);}else{changeReactInputValue(msgInput,retStr);发送锁=假;setTimeout(()=>{if(false===detectChinese(msgInput.innerText)||zh_translation_switch){sendButton.click();}},5);}InputTipsMsg("翻译成功","info",el.target);}},发件人,发件人);}}catch(e){sendLock=false;控制台错误(e);}}0x5。结论贴出来的部分不涉及敏感信息。这种JS加密属于中等难度加密,需要人工破解,费时费力。如果你需要企业级的JS加密保护,可以试试jsjiami.com。里面的免费加密服务已经很强大了,还有环境检测等更强大的,但是需要VIP。如果需要JS解密等其他JS相关的东西,也可以找站长定制。
