You are viewing a read-only archive of the Blogs.Harvard network. Learn more.
Skip to content

Interesting technique for reading obfuscated javascript

I have some tricks that I use to unravel obfuscated code but came upon this one tonight from dwesemann at sans.org

function showme(txt) {
document.write(“<textarea rows=”50″ cols=”50″>”);document.write(txt); document.write(“</textarea>”);
}

It’s nice in that you simply replace escape or document.write(ln) with showme and it will create a text box. I normally use the extremely lazy method of replacing those methods with alert. It’s super safe and simple to type. I may adapt this into my routine though. Props to dwesemann on this.

BTW as a note to browser developers could you PLEASE let me select text from alerts that I could copy to clipboard?

This was written by zeroday. Posted on Sunday, April 8, 2007, at 1:58 am. Filed under Digital Warfare. Bookmark the permalink. Follow comments here with the RSS feed. Post a comment or leave a trackback.

Post a Comment

You must be logged in to post a comment.
Proudly powered by WordPress. Hosted by Pressable.