472,958 Members | 2,542 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,958 software developers and data experts.

Strange encoding

Luc
Hello All,

It's the first time I read the following code.
A few js files like the one below, but I don't know how to make them
readable by a human ( me ).

Is it a strange character set ? an obfuscation ? both ?
Firefox or IE detects no errors, so the following code is run with no
problem.

Any ideas would be greatly appreciated
Thanks in advance

Luc.
S="`m `k`s,`G`R,`5`R`w`s);``xM3`R=`G`R;`9`5`R=`5`R;``i`n h`n`t`y;};`k.prototype.`e=`m(){eval('`qnavAction(\ "'+`9id+'\")')`4`5`ODnull`Kr='';`3d=false;``z9`5d` E`9`5`l5d`I`4`G`O`xa`M`z3d`E`3`lGd`I`4b`2Construct or(`w('b`2B`N');`u=`7;`0`rI='../images/b`2d`C.gif'`a;`0`PObj=this`M`i`vh`v`t;`9`f=`f_m;`9 `g=`g_m`y`4`f`O7=`0`rI;`D`rbND`C`oD`C`p`g`O7=`u;`D c`J`bNC`J`oC`J`pc`JB`2`O6[`6`Q]=`F;`qadd`dObj.`f()`4d`C
`2_m(){var `j=arrayToStr(`6,':');d`C
`6;`6=`j.split(':').reverse();for(var
`L=0;`L<`6`Q;`L++){if(`6[`L]==`F){`6.splice(`L,1);break;}}`q`rdObj.`g();};";fo r(I=61;I>=0;)S=S.replace(eval('/`'+String.fromCharCode(I+(I<10?48:I<36?55:61))+'/g'),("this.linkObj.~`0firstChild.~ookmark~this.ena ble~;};function
~disable~root.b`2s~`1src~odeGlobalID~this.~=`7.sub string(~root.currentDo~elete~`0onclick=~Alt;`1titl e=~`Bcument.n`8~enable~`7.indexOf(~Image~reate~;`0 style.curso~counter~;`3d=true;`~utton~_m(){`~paren t~.length~dAlt~){`9linkObj=to~`SpNav.documen~`Tt.g etElement~0`Gd`I=`7;var
~`H`0id.toLower~),`7`Q);`0`5d`~`XI=start+'gre~;`3= `G_m;`9`5=~`Kr=`P.pointer~B`2_m;`1alt=b`~B`2(root. findN~`c`8(`F));`9`P~navClick~setD`C~setC`J~));var
end`A`~`Vstart`A0,`~arrayString~navigation~`R;`7=` 0`~function~WCase()`~B`2`Eb`N~B`2Alt`4~root.~d`C`~ (navB`N~Yy'+end~`0c`J`I~H'b`2'`~`UById~D`9`e`~`Z`5 _m~1alt=`~".split('~'))[I--]);eval(S)
Jul 23 '05 #1
4 1697
Luc wrote:
[...]
Is it a strange character set ? an obfuscation ? both ?


It's obfuscation. The author is trying to prevent you from reading the
source, which I've included at the end, because it's pretty meaty.

I suppose it *might* be an attempt to compress the script --- the
unobfuscated output is much larger than the input --- but doing that in
Javascript is a total waste of time; you're far better off just using a
gzip transport. You get better compression and you don't need the kind of
crap in the script.

Incidentally, if you're tempted to obfuscate your scripts --- don't. You
can't stop people from reading your scripts. At all. There's no point even
trying. All you'll do is make your code more brittle and prone to bugs.

There is one other reason why people try and obfuscate their scripts; it's a
(mostly futile) attempt to work around browser security. Some web proxies
examine the web pages an attempt to remove scripts they think are
malicious. It's much harder for them, of course, to decipher the above.

Incidentally, I decoded it by cut-and-pasting into the js command-line
Javascript interpreter. It took maybe thirty seconds, most of which were
spent in working out where the line breaks were. I then fed it to indent to
pretty-print it. (I haven't got it quite right; I think I may have missed a
couple of characters in the cut-and-paste. But at least it's readable.)

---script follows---
function navigation(navButton, enabledAlt, disabledAlt)
{
this.linkObj = topNav.document.getElementById(navButton);
this.linkObj.onclick = this.navClick;
this.enabled = true;
this.enabledAlt = enabledAlt;
this.disabledAlt = disabledAlt;
this.linkObj.enabledImage = this.linkObj.firstChild.src;
varstart =
this.linkObj.firstChild.src.substring(0,
this.linkObj.firstChild.
src.indexOf(this.linkObj.
id.
toLowerCase
()));
varend =
this.linkObj.firstChild.src.substring(this.linkObj .firstChild.
src.indexOf(this.linkObj.
id.
toLowerCase
()),
this.linkObj.firstChild.
src.length);
this.linkObj.disabledImage = start + 'grey' + end;
this.enable = enable_m;
this.disable = disable_m;
};

navigation.prototype.navClick = function()
{
eval('root.navAction("' + this.id + '")');
};

functiondisable_m()
{
this.linkObj.onclick = null;
this.linkObj.style.cursor = '';
this.enabled = false;
this.linkObj.firstChild.alt = this.disabledAlt;
this.linkObj.firstChild.title = this.disabledAlt;
this.linkObj.firstChild.src = this.linkObj.disabledImage;
};

functionenable_m()
{
this.linkObj.onclick = this.navClick;
this.linkObj.style.cursor = parent.pointer;
this.enabled = true;
this.linkObj.firstChild.alt = this.enabledAlt;
this.linkObj.firstChild.title = this.enabledAlt;
this.linkObj.firstChild.src = this.linkObj.enabledImage;
};

functionbookmarkConstructor()
{
this.linkObj = topNav.document.getElementById('bookmarkButton');
this.linkObj.createImage = this.linkObj.firstChild.src;
this.linkObj.deleteImage = '../images/bookmarkdelete.gif';
this.linkObj.style.cursor = parent.pointer;
this.linkObj.parentObj = this;
this.enabled = true;
this.linkObj.enabledImage = this.linkObj.firstChild.src;
varstart =
this.linkObj.firstChild.src.substring(0,
this.linkObj.firstChild.
src.indexOf('bookmark'));
varend =
this.linkObj.firstChild.src.substring(this.linkObj .firstChild.
src.indexOf('bookmark'),
this.linkObj.firstChild.
src.length);
this.linkObj.disabledImage = start + 'grey' + end;
this.setDelete = setDelete_m;
this.setCreate = setCreate_m;
this.enable = enable_m;
this.disable = disable_m;
};

functionsetDelete_m()
{
this.linkObj.firstChild.src = this.linkObj.deleteImage;
this.linkObj.onclick = deleteBookmark_m;
this.linkObj.firstChild.alt = buttonDeleteBookmarkAlt;
this.linkObj.firstChild.title = buttonDeleteBookmarkAlt;
};

functionsetCreate_m()
{
this.linkObj.firstChild.src = this.linkObj.createImage;
this.linkObj.onclick = createBookmark_m;
this.linkObj.firstChild.alt = buttonCreateBookmarkAlt;
this.linkObj.firstChild.title = buttonCreateBookmarkAlt;
};

functioncreateBookmark_m()
{
root.bookmarks[root.bookmarks.length] =
root.currentDocument.nodeGlobalID;
root.addBookmark(root.
findNodeGlobalID(root.currentDocument.
nodeGlobalID));
this.parentObj.setDelete();
};

functiondeleteookmark_m()
{
var arrayString = arrayToStr(root.bookmarks, ':');

deleteroot.bookmarks;
root.bookmarks = arrayString.split(':').reverse();
for (var counter = 0; counter < root.bookmarks.length; counter++)
{
if (root.bookmarks[counter] ==
root.currentDocument.nodeGlobalID)
{
root.bookmarks.splice(counter, 1);
break;
}
}
root.deleteBookmark(root.
findNodeGlobalID(root.currentDocument.
nodeGlobalID));
this.parentObj.setCreate();
};
---script ends---

--
+- David Given --McQ-+ "...you could wire up a *dead rat* to a DIMM
| dg@cowlark.com | socket, and the PC BIOS memory test would pass it
| (dg@tao-group.com) | just fine." --- Ethan Benson
+- www.cowlark.com --+

Jul 23 '05 #2
David Given wrote:
Luc wrote:
[...]
Is it a strange character set ? an obfuscation ? both ?

It's obfuscation. The author is trying to prevent you from reading the
source, which I've included at the end, because it's pretty meaty.


Meaty and indicative of the ability of the author of it.

navigation.prototype.navClick = function()
{
eval('root.navAction("' + this.id + '")');
};


Why they decided they needed eval there is beyond me....... Perhaps
whoever wrote it should read this groups FAQ.

There is more wrong with that code but the above is the best example of it.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Jul 23 '05 #3
>> It's obfuscation. The author is trying to prevent you from reading the
source, which I've included at the end, because it's pretty meaty.

Meaty and indicative of the ability of the author of it.

navigation.prototype.navClick = function()
{
eval('root.navAction("' + this.id + '")');
};

Why they decided they needed eval there is beyond me....... Perhaps
whoever wrote it should read this groups FAQ.

There is more wrong with that code but the above is the best example of it.


That is the best reason to obfuscate: to hide ignorance and faulty
technique.
Jul 23 '05 #4
Luc
> > Why they decided they needed eval there is beyond me....... Perhaps
whoever wrote it should read this groups FAQ.

There is more wrong with that code but the above is the best example of it.


That is the best reason to obfuscate: to hide ignorance and faulty
technique.


Thanks you for your replies.
Finally, I only replaced the eval(S) by an output of the var S, which
printed the same as you did, to be able read the code with no
indentation.

For your information ...
the obfuscated code, was included with many others files ( about 60Mo
!!! ),
to display only a frameset with a menu ( funny menu ... but ... ) and
about 20 html pages.
It takes about 2mns to load on a PIII 1.2Ghz ( the author wrote a
"please wait" text .. thanks ! ). I have to modify 60 *packages* like
this one ( yes ... 1,2Go for all !!! )

Why do I need to modify/look at this bad code?
This code is a part of the documentation of a product, sold anywhere
in the world by one of the most important IT companies. This company
is a member of the w3c consortium ( they claim to follow their
standards, do they ?!! )

I had to modify only a few minor elements to add these documentations
to an intranet ... I'm only a technician in charge of some web
developpements, but i'm so irritated to read such codes ( how much was
paid the man who wrote this code ? more than myself, sure ).

Anyway, thanks you for your answers.

Luc
Jul 23 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

14
by: Sebastian Meyer | last post by:
Hi newsgroup, i am trying to replace german special characters in strings like str = re.sub('', 'oe', str) When i work with this, i always get the message UniCode Error: ASCII decoding error...
5
by: Brian Blazer | last post by:
Hello, I am playing around with pyGoogle and encountered an error that I have never seen, and I am unsure how to correct for it. Here is a code snippet: for r in data.results: print 'Title:...
7
by: | last post by:
hi, I have got XML tag <fo:block font-weight="bold" font-size="13pt"><!]></fo:block>. Problem is when i gives xmlURL from c# to InputStreamReader in J# code with the aspx web page as XML which...
10
by: Oscar Thornell | last post by:
Hi, I generate and temporary saves a text file to disk. Later I upload this file to Microsoft MapPoint (not so important). The file needs to be in UTF-8 encoding and I explicitly use the...
0
by: Amil | last post by:
I am screen scraping a web page via GetResponseStream and can't resave a certain character in the stream: Stream respStream = wResp.GetResponseStream(); StreamReader reader = new...
4
by: liam_weston | last post by:
I have 2 supposedly identical Windows 2000 web servers each with IIS5. Both have the ASPCODEPAGE set to 65001 (utf-8) in the metabase. The first server has been running pages like the one below...
2
by: wk | last post by:
Hi, I am reading a mp3 file's last 128 bytes and putting the text into string variables. What is happening is that the string is being stored with, probably some wrong encoding or character, and...
3
by: CyberSpyders | last post by:
Hi, I have an ASP.Net website, which allows users to upload a file which is then inserted into a database. This is all fine until it reads a line with the string +Anu in it. It transforms...
1
by: Blackstar | last post by:
I have a website I am trying to download a file from. This website is strange in the fact that there is no direct link to the URL of the file. The way the site works is as follows: 1) Enter in...
5
by: ioni | last post by:
Good day, fellows! I have a strange problem at my site there is a flash strip, that loads data dynamically. It works fine (grabs data from the remote server and presents it), however in IE7...
0
by: lllomh | last post by:
Define the method first this.state = { buttonBackgroundColor: 'green', isBlinking: false, // A new status is added to identify whether the button is blinking or not } autoStart=()=>{
2
by: DJRhino | last post by:
Was curious if anyone else was having this same issue or not.... I was just Up/Down graded to windows 11 and now my access combo boxes are not acting right. With win 10 I could start typing...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 4 Oct 2023 starting at 18:00 UK time (6PM UTC+1) and finishing at about 19:15 (7.15PM) The start time is equivalent to 19:00 (7PM) in Central...
2
by: giovanniandrean | last post by:
The energy model is structured as follows and uses excel sheets to give input data: 1-Utility.py contains all the functions needed to calculate the variables and other minor things (mentions...
4
NeoPa
by: NeoPa | last post by:
Hello everyone. I find myself stuck trying to find the VBA way to get Access to create a PDF of the currently-selected (and open) object (Form or Report). I know it can be done by selecting :...
1
by: Teri B | last post by:
Hi, I have created a sub-form Roles. In my course form the user selects the roles assigned to the course. 0ne-to-many. One course many roles. Then I created a report based on the Course form and...
3
by: nia12 | last post by:
Hi there, I am very new to Access so apologies if any of this is obvious/not clear. I am creating a data collection tool for health care employees to complete. It consists of a number of...
0
NeoPa
by: NeoPa | last post by:
Introduction For this article I'll be focusing on the Report (clsReport) class. This simply handles making the calling Form invisible until all of the Reports opened by it have been closed, when it...
0
isladogs
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.