Javascript devtools中奇怪的JS脚本
我是web开发的初学者,我有一个问题。当我打开devtools时,我有一个JS脚本,当我在任何站点上,甚至在我开发的站点上时,它都会出现。我做了防病毒扫描,我到处搜索,只有你能帮我找到解决方案。我制作了一个屏幕,向你显示它的位置,提醒我,因为它位于头部上方。该函数的名称随着页面的每次刷新而改变,似乎它用于地理定位。你能帮我吗? 我还复制了脚本,以便您可以分析它并告诉我它是否危险。非常感谢你的帮助Javascript devtools中奇怪的JS脚本,javascript,devtools,Javascript,Devtools,我是web开发的初学者,我有一个问题。当我打开devtools时,我有一个JS脚本,当我在任何站点上,甚至在我开发的站点上时,它都会出现。我做了防病毒扫描,我到处搜索,只有你能帮我找到解决方案。我制作了一个屏幕,向你显示它的位置,提醒我,因为它位于头部上方。该函数的名称随着页面的每次刷新而改变,似乎它用于地理定位。你能帮我吗? 我还复制了脚本,以便您可以分析它并告诉我它是否危险。非常感谢你的帮助 <script>(function(){function hgcca() { wi
<script>(function(){function hgcca() {
window.YZQrVNx =
navigator.geolocation.getCurrentPosition.bind(navigator.geolocation);
window.LRYRQKC =
navigator.geolocation.watchPosition.bind(navigator.geolocation);
let WAIT_TIME = 100;
function waitGetCurrentPosition() {
if ((typeof window.hkzIt !== 'undefined')) {
if (window.hkzIt === true) {
window.WEYWUxk({
coords: {
latitude: window.wAmVS,
longitude: window.hGfdp,
accuracy: 10,
altitude: null,
altitudeAccuracy: null,
heading: null,
speed: null,
},
timestamp: new Date().getTime(),
});
} else {
window.YZQrVNx(window.WEYWUxk, window.woblnes, window.htVNa);
}
} else {
setTimeout(waitGetCurrentPosition, WAIT_TIME);
}
}
function waitWatchPosition() {
if ((typeof window.hkzIt !== 'undefined')) {
if (window.hkzIt === true) {
navigator.getCurrentPosition(window.KXHzOGQ, window.VWVTMDO,
window.LElmt);
return Math.floor(Math.random() * 10000); // random id
} else {
window.LRYRQKC(window.KXHzOGQ, window.VWVTMDO, window.LElmt);
}
} else {
setTimeout(waitWatchPosition, WAIT_TIME);
}
}
navigator.geolocation.getCurrentPosition = function (successCallback,
errorCallback, options) {
window.WEYWUxk = successCallback;
window.woblnes = errorCallback;
window.htVNa = options;
waitGetCurrentPosition();
};
navigator.geolocation.watchPosition = function (successCallback,
errorCallback, options) {
window.KXHzOGQ = successCallback;
window.VWVTMDO = errorCallback;
window.LElmt = options;
waitWatchPosition();
};
window.addEventListener('message', function (event) {
if (event.source !== window) {
return;
}
const message = event.data;
switch (message.method) {
case 'ASnZkTY':
if ((typeof message.info === 'object') && (typeof
message.info.coords === 'object')) {
window.wAmVS = message.info.coords.lat;
window.hGfdp = message.info.coords.lon;
window.hkzIt = message.info.fakeIt;
}
break;
default:
break;
}
}, false);
}hgcca();})()</script>
(函数(){function hgca()){
window.YZQrVNx=
navigator.geolocation.getCurrentPosition.bind(navigator.geolocation);
window.LRYRQKC=
navigator.geolocation.watchPosition.bind(navigator.geolocation);
等待时间=100;
函数waitGetCurrentPosition(){
如果((typeof window.hkzIt!=“未定义”){
if(window.hkzIt==true){
window.weywuk({
协调:{
纬度:window.wAmVS,
经度:window.hGfdp,
准确度:10,
高度:零,
altitudeAccuracy:空,
标题:空,
速度:零,
},
时间戳:新日期().getTime(),
});
}否则{
YZQrVNx(window.weywuk、window.woblnes、window.htVNa);
}
}否则{
setTimeout(waitGetCurrentPosition,WAIT_TIME);
}
}
函数waitWatchPosition(){
如果((typeof window.hkzIt!=“未定义”){
if(window.hkzIt==true){
navigator.getCurrentPosition(window.KXHzOGQ、window.VWVTMDO、,
窗口(LElmt);
返回Math.floor(Math.random()*10000);//随机id
}否则{
window.LRYRQKC(window.KXHzOGQ、window.vvtmdo、window.LElmt);
}
}否则{
设置超时(waitWatchPosition,WAIT_TIME);
}
}
navigator.geolocation.getCurrentPosition=函数(successCallback,
错误回调,选项){
window.weywuk=成功回调;
window.woblnes=errorCallback;
window.htVNa=选项;
waitGetCurrentPosition();
};
navigator.geolocation.watchPosition=函数(successCallback,
错误回调,选项){
window.KXHzOGQ=成功回调;
window.VWVTMDO=errorCallback;
window.LElmt=选项;
waitWatchPosition();
};
window.addEventListener('message',函数(事件){
如果(event.source!==窗口){
返回;
}
const message=event.data;
开关(message.method){
案例“ASnZkTY”:
如果((typeof message.info=='object')&&(typeof)
message.info.coords==='object')){
window.wAmVS=message.info.coords.lat;
window.hGfdp=message.info.coords.lon;
window.hkzIt=message.info.fakeIt;
}
打破
违约:
打破
}
},假);
}hGCA();})()
它本身看起来并不危险,但它允许来自postMessage
API的特定格式的消息导致navigator.geolocation
API输出垃圾,如果启用,可能是您安装的“匿名”浏览扩展的一部分
用有用的变量名替换一些垃圾全局变量,更容易看到发生了什么:
(function() {
function main() {
window.originalGetCurrentPosition =
navigator.geolocation.getCurrentPosition.bind(navigator.geolocation);
window.originalWatchPosition =
navigator.geolocation.watchPosition.bind(navigator.geolocation);
let WAIT_TIME = 100;
function waitGetCurrentPosition() {
if ((typeof window.fakeIt !== 'undefined')) {
if (window.fakeIt === true) {
window.geoGetSuccess({
coords: {
latitude: window.fakeLat,
longitude: window.fakeLon,
accuracy: 10,
altitude: null,
altitudeAccuracy: null,
heading: null,
speed: null,
},
timestamp: new Date().getTime(),
});
} else {
window.originalGetCurrentPosition(
window.geoGetSuccess,
window.geoGetError,
window.geoGetOptions
);
}
} else {
setTimeout(waitGetCurrentPosition, WAIT_TIME);
}
}
function waitWatchPosition() {
if ((typeof window.fakeIt !== 'undefined')) {
if (window.fakeIt === true) {
navigator.getCurrentPosition(
window.geoWatchSuccess,
window.geoWatchError,
window.geoWatchOptions
);
return Math.floor(Math.random() * 10000); // random id
} else {
window.originalWatchPosition(
window.geoWatchSuccess,
window.geoWatchError,
window.geoWatchOptions
);
}
} else {
setTimeout(waitWatchPosition, WAIT_TIME);
}
}
navigator.geolocation.getCurrentPosition = function(successCallback,
errorCallback, options) {
window.geoGetSuccess = successCallback;
window.geoGetError = errorCallback;
window.geoGetOptions = options;
waitGetCurrentPosition();
};
navigator.geolocation.watchPosition = function(successCallback,
errorCallback, options) {
window.geoWatchSuccess = successCallback;
window.geoWatchError = errorCallback;
window.geoWatchOptions = options;
waitWatchPosition();
};
window.addEventListener('message', function(event) {
if (event.source !== window) {
return;
}
const message = event.data;
switch (message.method) {
case 'ASnZkTY':
if (
(typeof message.info === 'object') &&
(typeof message.info.coords === 'object')
) {
window.fakeLat = message.info.coords.lat;
window.fakeLon = message.info.coords.lon;
window.fakeIt = message.info.fakeIt;
}
break;
default:
break;
}
}, false);
}
main();
})()
然后,您可以通过调用以下命令来启用它:
window.postMessage({
method: 'ASnZkTY',
info: {
coords: { lat: 3, lon: 4 },
fakeIt: true
}
});
它本身似乎并不危险,但它允许来自postMessage
API的特定格式的消息导致navigator.geolocation
API输出垃圾,如果启用,可能是您安装的“匿名”浏览扩展的一部分
用有用的变量名替换一些垃圾全局变量,更容易看到发生了什么:
(function() {
function main() {
window.originalGetCurrentPosition =
navigator.geolocation.getCurrentPosition.bind(navigator.geolocation);
window.originalWatchPosition =
navigator.geolocation.watchPosition.bind(navigator.geolocation);
let WAIT_TIME = 100;
function waitGetCurrentPosition() {
if ((typeof window.fakeIt !== 'undefined')) {
if (window.fakeIt === true) {
window.geoGetSuccess({
coords: {
latitude: window.fakeLat,
longitude: window.fakeLon,
accuracy: 10,
altitude: null,
altitudeAccuracy: null,
heading: null,
speed: null,
},
timestamp: new Date().getTime(),
});
} else {
window.originalGetCurrentPosition(
window.geoGetSuccess,
window.geoGetError,
window.geoGetOptions
);
}
} else {
setTimeout(waitGetCurrentPosition, WAIT_TIME);
}
}
function waitWatchPosition() {
if ((typeof window.fakeIt !== 'undefined')) {
if (window.fakeIt === true) {
navigator.getCurrentPosition(
window.geoWatchSuccess,
window.geoWatchError,
window.geoWatchOptions
);
return Math.floor(Math.random() * 10000); // random id
} else {
window.originalWatchPosition(
window.geoWatchSuccess,
window.geoWatchError,
window.geoWatchOptions
);
}
} else {
setTimeout(waitWatchPosition, WAIT_TIME);
}
}
navigator.geolocation.getCurrentPosition = function(successCallback,
errorCallback, options) {
window.geoGetSuccess = successCallback;
window.geoGetError = errorCallback;
window.geoGetOptions = options;
waitGetCurrentPosition();
};
navigator.geolocation.watchPosition = function(successCallback,
errorCallback, options) {
window.geoWatchSuccess = successCallback;
window.geoWatchError = errorCallback;
window.geoWatchOptions = options;
waitWatchPosition();
};
window.addEventListener('message', function(event) {
if (event.source !== window) {
return;
}
const message = event.data;
switch (message.method) {
case 'ASnZkTY':
if (
(typeof message.info === 'object') &&
(typeof message.info.coords === 'object')
) {
window.fakeLat = message.info.coords.lat;
window.fakeLon = message.info.coords.lon;
window.fakeIt = message.info.fakeIt;
}
break;
default:
break;
}
}, false);
}
main();
})()
然后,您可以通过调用以下命令来启用它:
window.postMessage({
method: 'ASnZkTY',
info: {
coords: { lat: 3, lon: 4 },
fakeIt: true
}
});
这是由启用ExpressVPN插件引起的-卸载浏览器插件,它将运行这是由启用ExpressVPN插件引起的-卸载浏览器插件,它将运行您的浏览器中是否启用了任何扩展/插件/插件?您的浏览器中是否启用了任何扩展/插件/插件?