Each file starts with the same function:
[function[_0x128f83, _0x1ae5b9] {
var _0x1b5471 = function[_0x339be5] {
while [--_0x339be5] {
_0x128f83['push'][_0x128f83['shift'][]];
}
};
_0x1b5471[++_0x1ae5b9];
}[_0xf75e, 0xc2]];
var _0x4e13 = function[_0x24c6e1, _0x3b52a9] {
_0x24c6e1 = _0x24c6e1 - 0x0;
var _0xc16529 = _0xf75e[_0x24c6e1];
return _0xc16529;
};
'use strict';
Object[_0x4e13['0x0']][exports, '__esModule', {
'value': !![]
}];
I did some research and have come to the conclusion that the code was obfuscated with a library similar to obfuscator.io. My question is how do i decode the hexadecimal values, as many of
the variables in the file are reliant on them [e.g. const electron_1 = require[_0x4e13['0x1']];]. Any feedback would be much appreciated.
asked Jul 10, 2018 at 11:33
1
You can use this tool to partial deobfuscate that code: //jsnice.org/
In that case I get this:
'use strict';
[function[data, i] {
/**
* @param {number} isLE
* @return {undefined}
*/
var write = function[isLE] {
for [; --isLE;] {
data["push"][data["shift"][]];
}
};
write[++i];
}][_0xf75e, 194];
/**
* @param {string} level
* @param {?} ai_test
* @return {?}
*/
var _0x4e13 = function[level, ai_test] {
/** @type {number} */
level = level - 0;
var rowsOfColumns = _0xf75e[level];
return rowsOfColumns;
};
"use strict";
Object[_0x4e13["0x0"]][exports, "__esModule", {
"value" : !![]
}];
answered Jul 10, 2018 at 11:39
5
Example
Decode a URI after encoding it:
let uri = "//w3schools.com/my test.asp?name=ståle&car=saab";
let encoded = encodeURIComponent[uri];
let decoded = decodeURIComponent[encoded];
Try it Yourself »
Definition and Usage
The decodeURIComponent[] method decodes a URI component.
Syntax
Parameters
| Parameter | Description |
| uri | Required. The URI to be decoded. |
Return Value
| Type | Description |
| A string | The decoded URI. |
Browser Support
decodeURIComponent[] is an ECMAScript1 [ES1] feature.
ES1 [JavaScript 1997] is fully supported in all browsers:
| Chrome | IE | Edge | Firefox | Safari | Opera |
| Yes | Yes | Yes | Yes | Yes | Yes |
Example
Decode a URI after encoding it:
let uri = "my test.asp?name=ståle&car=saab";
let encoded = encodeURI[uri];
let decoded = decodeURI[encoded];
Try it Yourself »
Definition and Usage
The decodeURI[] method decodes a URI.
Syntax
Parameters
| Parameter | Description |
| uri | Required. The URI to decode. |
Return Value
| Type | Description |
| A string | The decoded URI. |
Browser Support
decodeURI[] is an ECMAScript1 [ES1] feature.
ES1 [JavaScript 1997] is fully supported in all browsers:
| Chrome | IE | Edge | Firefox | Safari | Opera |
| Yes | Yes | Yes | Yes | Yes | Yes |
HTML/text/JavaSript Escaping/Encoding Script
These scripts are intended to explain how to "hide" HTML and/or javascript from other people who view your page's source code. It is not foolproof, but it does make it more difficult to read and understand the source code. Due to the nature of how these scripts work, the explanation may seem complicated and drawn out, but be patient and it should make sense once you gain a little experience with them. You don't really have to know the ins-and-outs of these scripts, but it does help you understand how and why they work. So, take a seat and I'll do my best to make this seem as un-complicated as possible.
Escape/Unescape
The first section of this page explains how to "escape" any text, HTML, or Javascript to make it generally unreadable to the common user. URL Escape Codes are two-character Hexadecimal [8-bit] values preceeded by a % sign. This is used primarily in browser URLs or for use when making cookies for characters that otherwise would not work, usually because they are reserved characters [like spaces and the like].
For example, if you had an HTML filename of page one, the escaped URL code would look like page%20one. The %20 is the escaped value for a space. Normally, you would only escape special characters [generally any character other than a-z, A-Z, and 0-9], but the script below actually escapes all the text simply by replacing all characters with their escaped equivalents. So, if you were to fully escape the words page one, it would look like: %70%61%67%65%20%6F%6E%65. Now, none of the text is easily decipherable even though most of it was made up of normal characters.
Since the browser can inherently handle escape codes, this can be used pretty easily without having to add any more script to decipher them. So, if you want the browser to write that escaped text to the page, you could do something like:
document.write[ unescape[ '%70%61%67%65%20%6F%6E%65' ] ];
All I'm doing here is putting the escaped string in a set of quotes [important!], wrapping that inside the built-in unescape[] method, and then wrapping that in a document.write[] method. This might seem a little worthless, but you could hide an email address this way to prevent web crawlers from snagging your e-mail address from your webpage to use in mass spam e-mailings, yet allowing visitors to read it fine... Unless, of course, you actually like getting Viagra solicitations. :]
For instance, fully escaped Script Asylum no-reply e-mail address would look like this to a web crawler:
document.write[ unescape[ '%6E%6F%72%65%70%6C%79%40%73%63%72%69%70%74%61%73%79%6C%75%6D%2E%63%6F%6D' ] ];
... but would look like this to a visitor:
The two textboxes below will let you fully escape and unescape any text you want. Just type whatever text/HTML/JavaScript you want in the left box and click the --> button to fully escape it. Likewise, click the