识别javascript crackme加密方法算法
有没有办法确定加密方法 在这个crackme示例中,他们使用rc4 我花了几个小时在某个站点上迭代加密方法,提取“input128”值 更新以澄清: 屏幕上有一个文本输入元素,您输入一个值(设置为\u inputValue),然后单击一个按钮,函数执行,在最后几行,如果选择选项为2,它将打印“良好” 否则,选项列表中有5个坏选项 拆包和清洁后,主要功能是:识别javascript crackme加密方法算法,javascript,reverse-engineering,Javascript,Reverse Engineering,有没有办法确定加密方法 在这个crackme示例中,他们使用rc4 我花了几个小时在某个站点上迭代加密方法,提取“input128”值 更新以澄清: 屏幕上有一个文本输入元素,您输入一个值(设置为\u inputValue),然后单击一个按钮,函数执行,在最后几行,如果选择选项为2,它将打印“良好” 否则,选项列表中有5个坏选项 拆包和清洁后,主要功能是: var mainFunction = function(e) { var arr256 = new Array(); for
var mainFunction = function(e) {
var arr256 = new Array();
for (var index = 0; index < 256; index++) arr256[(index).toString()] = index;
var varX = 0;
var _inputValue = document.getElementsByTagName('input')[0]['value'];
for (var index = 0; index < 256; index++) {
var secret = 'click';
varX = (varX + arr256[(index).toString()] + secret.charCodeAt(index % 5)) % 256;
arr256[(index).toString()] ^= arr256[(varX).toString()];
arr256[(varX).toString()] ^= arr256[(index).toString()];
arr256[(index).toString()] ^= arr256[(varX).toString()];
}
index = varX = 0;
var cmpStr = '';
for (var index2 = index; index2 < _inputValue.length; index2 += 2) {
index = (index + 1) % 256;
varX = (varX + arr256[(index).toString()]) % 256;
arr256[(index).toString()] ^= arr256[(varX).toString()];
arr256[(varX).toString()] ^= arr256[(index).toString()];
arr256[(index).toString()] ^= arr256[(varX).toString()];
var parsedInt = parseInt(_inputValue.substr(index2, 2), 16);
var idxAtArr = arr256[(index).toString()];
var xAtArr = arr256[(varX).toString()];
var secondVal = arr256[((idxAtArr + xAtArr) % 256).toString()];
var xorVal = parsedInt ^ secondVal;
cmpStr += String.fromCharCode(xorVal);
}
var selectedOption = cmpStr.charCodeAt(cmpStr.charCodeAt(0) % cmpStr.length) % 6;
if (cmpStr != 'input128' && selectedOption == 2) selectedOption++;
optionsArr[(selectedOption).toString()]();
};
var mainFunction=函数(e){
var arr256=新数组();
对于(var index=0;index<256;index++)arr256[(index).toString()]=index;
var-varX=0;
var_inputValue=document.getElementsByTagName('input')[0]['value'];
对于(var索引=0;索引<256;索引++){
var secret='单击';
varX=(varX+arr256[(index.toString()]+secret.charCodeAt(index%5))%256;
arr256[(index.toString()])^=arr256[(varX.toString()];
arr256[(varX.toString()])^=arr256[(index.toString()];
arr256[(index.toString()])^=arr256[(varX.toString()];
}
指数=varX=0;
var cmpStr='';
对于(var index2=索引;index2<\u inputValue.length;index2+=2){
指数=(指数+1)%256;
varX=(varX+arr256[(index.toString()])%256;
arr256[(index.toString()])^=arr256[(varX.toString()];
arr256[(varX.toString()])^=arr256[(index.toString()];
arr256[(index.toString()])^=arr256[(varX.toString()];
var parsedInt=parseInt(_inputValue.substr(index2,2),16);
var idxAtArr=arr256[(index.toString()];
var xAtArr=arr256[(varX).toString();
var secondVal=arr256[(idxAtArr+xAtArr)%256).toString();
var xorVal=parsedInt^secondVal;
cmpStr+=String.fromCharCode(xorVal);
}
var selectedOption=cmpStr.charCodeAt(cmpStr.charCodeAt(0)%cmpStr.length)%6;
如果(cmpStr!=“input128”&&selectedOption==2)选择了选项++;
选项arr[(selectedOption).toString()();
};
Password: <input/><br/>
<button>Check</button>
<script id="urchin">
(function () {
var optionsArr = [
function () {
console.warn("boo")
},
function () {
console.warn(":(")
},
function () {
console.log("Congratz!")
},
function () {
console.warn("allmost there")
},
function () {
console.warn("muhaha")
},
function () {
console.warn("nahhh")
},
function () {
console.warn("not even close")
}
];
var mainFunction = function () {
var arr = [];
for (var i = 0; i < 256; i++) {
arr[i] = i;
}
var inputVal = document.getElementsByTagName('input')[0].value;
var varX = 0;
var secret = 'click';
for (var i2 = 0; i2 < 256; i2++) {
varX = (varX + arr[i2] + secret.charCodeAt(i2 % 5)) % 256;
arr[i2] ^= arr[varX];
arr[varX] ^= arr[i2];
arr[i2] ^= arr[varX];
}
var idx = varX = 0;
var cmpStr = '';
var key = 'input128';
for (var i3 = idx; i3 < key.length; i3 += 1) {
idx = (idx + 1) % 256;
varX = (varX + arr[idx]) % 256;
arr[idx] ^= arr[varX];
arr[varX] ^= arr[idx];
arr[idx] ^= arr[varX];
var hex2int = key.charCodeAt(i3);
var charCode = hex2int ^ arr[(arr[idx] + arr[varX]) % 256];
var hexCharCode = charCode.toString(16);
if (hexCharCode.length == 1) hexCharCode = '0' + hexCharCode;
cmpStr += hexCharCode;
}
alert('code is ' + cmpStr);
var selectedOption = cmpStr.charCodeAt(cmpStr.charCodeAt(0) % cmpStr.length) % 6;
if (cmpStr != key && selectedOption == 2) selectedOption++;
optionsArr[selectedOption]();
};
var btn = document.getElementsByTagName('button')[0];
if (typeof(btn.addEventListener) != typeof(mainFunction)) {
btn.attachEvent('onclick', mainFunction);
} else {
btn.addEventListener('click', mainFunction, true);
}
btn = document.getElementById('urchin');
btn.parentNode.removeChild(btn);
})();
</script>
密码:
检查
(功能(){
var optionsArr=[
函数(){
控制台警告(“boo”)
},
函数(){
控制台。警告(“:(”)
},
函数(){
log(“恭喜!”)
},
函数(){
console.warn(“那里的所有人”)
},
函数(){
控制台警告(“哈哈”)
},
函数(){
控制台警告(“nahhh”)
},
函数(){
控制台。警告(“甚至不关闭”)
}
];
var mainFunction=函数(){
var-arr=[];
对于(变量i=0;i<256;i++){
arr[i]=i;
}
var inputVal=document.getElementsByTagName('input')[0]。值;
var-varX=0;
var secret='单击';
对于(变量i2=0;i2<256;i2++){
varX=(varX+arr[i2]+secret.charCodeAt(i2%5))%256;
arr[i2]^=arr[varX];
arr[varX]^=arr[i2];
arr[i2]^=arr[varX];
}
var idx=varX=0;
var cmpStr='';
变量键='input128';
对于(var i3=idx;i3Password: <input/><br/>
<button>Check</button>
<script id="urchin">
(function () {
var optionsArr = [
function () {
console.warn("boo")
},
function () {
console.warn(":(")
},
function () {
console.log("Congratz!")
},
function () {
console.warn("allmost there")
},
function () {
console.warn("muhaha")
},
function () {
console.warn("nahhh")
},
function () {
console.warn("not even close")
}
];
function decryptFunc(inputVal, arr) {
var idx = 0, idx2 = 0;
var decrypt = '';
for (var i4 = idx; i4 < inputVal.length; i4 += 2) {
idx = (idx + 1) % 256;
idx2 = (idx2 + arr[idx]) % 256;
arr[idx] ^= arr[idx2];
arr[idx2] ^= arr[idx];
arr[idx] ^= arr[idx2];
var curHex = inputVal.substr(i4, 2);
var hex2int = parseInt(curHex, 16);
var charCode = hex2int ^ arr[(arr[idx] + arr[idx2]) % 256];
decrypt += String.fromCharCode(charCode);
}
return decrypt;
}
var mainFunction = function () {
var arr = [];
for (var i = 0; i < 256; i++) {
arr[i] = i;
}
var inputVal = document.getElementsByTagName('input')[0].value;
var i2 = 0;
var secret = 'click';
var originalKey = 'input128';
for (var i3 = 0; i3 < 256; i3++) {
i2 = (i2 + arr[i3] + secret.charCodeAt(i3 % 5)) % 256;
arr[i3] ^= arr[i2];
arr[i2] ^= arr[i3];
arr[i3] ^= arr[i2];
}
var decrypt = null;
var codeFound = false;
var s = '';
var idx = 1;
while (!codeFound) {
for (var h = 0; h < 256; h++) {
var hexLetter = h.toString(16);
var cmpKey = s + hexLetter;
decrypt = decryptFunc(cmpKey, arr);
// restore arr
arr = [99, 116, 115, 37, 16, 120, 211, 90, 197, 22, 166, 63, 146, 59, 123, 237, 93, 44, 76, 118, 168, 91, 55, 187, 62, 220, 135, 49, 127, 185, 153, 8, 66, 155, 152, 181, 117, 149, 31, 87, 169, 6, 172, 34, 101, 134, 107, 157, 199, 231, 124, 2, 243, 35, 241, 139, 68, 3, 159, 86, 77, 225, 105, 29, 144, 19, 32, 42, 227, 147, 133, 15, 160, 73, 190, 148, 82, 97, 170, 201, 212, 14, 18, 13, 193, 121, 143, 141, 182, 122, 21, 108, 112, 111, 217, 60, 250, 27, 137, 244, 191, 38, 171, 214, 248, 132, 228, 43, 232, 213, 223, 129, 28, 64, 247, 205, 138, 95, 202, 235, 61, 119, 224, 88, 238, 206, 230, 94, 195, 5, 179, 54, 72, 92, 136, 98, 188, 200, 173, 226, 198, 4, 71, 196, 126, 9, 69, 110, 84, 48, 85, 210, 30, 180, 229, 216, 162, 56, 75, 0, 67, 253, 163, 167, 53, 26, 7, 12, 174, 57, 130, 194, 209, 165, 1, 140, 183, 70, 23, 89, 150, 25, 145, 104, 233, 74, 142, 151, 222, 65, 207, 96, 154, 218, 106, 131, 255, 109, 254, 33, 113, 164, 203, 40, 246, 83, 192, 236, 189, 78, 158, 234, 177, 175, 161, 251, 100, 221, 219, 103, 50, 41, 242, 10, 249, 240, 20, 184, 24, 80, 52, 51, 81, 11, 156, 245, 114, 239, 186, 125, 17, 204, 128, 47, 36, 39, 215, 208, 46, 176, 178, 58, 45, 102, 252, 79];
if (decrypt == originalKey.substr(0, idx)) {
console.log(cmpKey, decrypt);
if (hexLetter.length == 1) hexLetter = '0' + hexLetter; // zero padding to convert to hex
s += hexLetter;
idx++;
break;
}
}
if (decrypt == originalKey) {
codeFound = true;
console.log('code is', s);
}
}
var selectedOption = decrypt.charCodeAt(decrypt.charCodeAt(0) % decrypt.length) % 6;
if (decrypt != originalKey && selectedOption == 2) selectedOption++;
optionsArr[selectedOption]();
};
var btn = document.getElementsByTagName('button')[0];
if (typeof(btn.addEventListener) != typeof(mainFunction)) {
btn.attachEvent('onclick', mainFunction);
} else {
btn.addEventListener('click', mainFunction, true);
}
btn = document.getElementById('urchin');
btn.parentNode.removeChild(btn);
})();
</script>
密码:
检查
(功能(){
var optionsArr=[
函数(){
控制台警告(“boo”)
},
函数(){
控制台。警告(“:(”)
},
函数(){
log(“恭喜!”)
},
函数(){
console.warn(“那里的所有人”)
},
函数(){
控制台警告(“哈哈”)
},
函数(){
控制台警告(“nahhh”)
},
函数(){
控制台。警告(“甚至不关闭”)
}
];
函数decryptFunc(inputVal,arr){
变量idx=0,idx2=0;
var decrypt='';
对于(变量i4=idx;i4