-->
 ›   › 

Cara Mudah Melihat Javascript yang di Encrypt (Enkripsi)

Posted by Dhanny
at
Post a Comment

Daftar isi


1. Intro - Apa sih Encrypt


Halo gaes.. karena beberapa hari ini lagi getol ngoprek blogger jadi satu satu ilmu nambah :D. Gaes.. sebagai penikmat template gratis punya orang (selain template bawaan blogger) bisa dibilang 99% ada bagian-bagian yang di enkripsi terutama kode Javascript, sah-sah saja mereka melakukan itu karena membuat template itu ngk gampang gaes. Menurut ensklopedia bebas wiki Enkripsi adalah proses mengamankan suatu informasi dengan membuat informasi tersebut tidak dapat dibaca tanpa bantuan pengetahuan khusus. Gaes mungkin pernah nonton film The Imitation Game (2014) ceritanya tentang perang antara Jerman & Amerika. Di film itu ceritanya Amerika sakit kepala sama metode enkripsi milik Jerman tapi akhirnya Alan Turing selaku pemeran utama berhasil membuat mesin yang dapat mengurai kode-kode enkripsi. Nama mesinnya(Enigma),Gaes cerita ini jadi legendaris loh karena setelah menciptakan mesin ini Alan Turing bunuh diri pake buah apel yang ada sianida. Tau logo apel kegigit kan gaes? iya itu inspirasinya dari cerita ini. Buat yang pensaran sama filmnya tonton aja ratting di rottentomatoes 89%

2. Encrypt

Sekarang kita coba untuk men-enkripsi dulu biar sedikit-sedikit ngerti bagaimana prosesnya.

contoh Javascript

var lightBox = $('#lightbox'),
    lightBoxContent = $('#lb-content');

var positionLightbox = function() {
    var veiwWidth = $(window).width(),
        lbContentMargin = (veiwWidth / 2) - 148,
        lbContent = $('#lb-content');

    lbContent.css({
        'left' : lbContentMargin,
        'top' : $(window).scrollTop() + 50 + 'px'
    });
};

$('#search-submit').click(function() {
    lightBox.fadeIn(function() {
        lightBoxContent.show();                               
    });
    positionLightbox();
});

$('#lb-close').click(function() {
    lightBox.hide();
    lightBoxContent.hide();
});

script diatas pertama kita enkripsi menggunakan Javascript Obfuscator dengan opsi default dan hasilnya menjadi seperti ini :

var _0xde37=["\x23\x6C\x69\x67\x68\x74\x62\x6F\x78","\x23\x6C\x62\x2D\x63\x6F\x6E\x74\x65\x6E\x74",
"\x77\x69\x64\x74\x68","\x73\x63\x72\x6F\x6C\x6C\x54\x6F\x70","\x70\x78","\x63\x73\x73",
"\x73\x68\x6F\x77","\x66\x61\x64\x65\x49\x6E","\x63\x6C\x69\x63\x6B",
"\x23\x73\x65\x61\x72\x63\x68\x2D\x73\x75\x62\x6D\x69\x74",
"\x68\x69\x64\x65","\x23\x6C\x62\x2D\x63\x6C\x6F\x73\x65"];
var lightBox=$(_0xde37[0]),lightBoxContent=$(_0xde37[1]);var positionLightbox=function()
{var _0x2d91x4=$(window)[_0xde37[2]](),_0x2d91x5=(_0x2d91x4/ 2)- 148,_0x2d91x6=$(_0xde37[1]);_0x2d91x6[_0xde37[5]]({"\x6C\x65\x66\x74":_0x2d91x5,"\x74\x6F\x70":$(window)[_0xde37[3]]()+ 50+ _0xde37[4]})};
$(_0xde37[9])[_0xde37[8]](function(){lightBox[_0xde37[7]]
(function(){lightBoxContent[_0xde37[6]]()});positionLightbox()});$(_0xde37[11])[_0xde37[8]](function(){lightBox[_0xde37[10]]();lightBoxContent[_0xde37[10]]()})

ngga selesai sampe disini gaes, setelah itu masih di bungkus lagi (packer) pake toolsnya punya dean.edwards.name hasilnya jadi seperti dibawah:

eval(function(p,a,c,k,e,r)
{e=function(c){return(c35?String.fromCharCode(c+29):c.toString(36))};
if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('k b=["\\l\\c\\i\\E\\j\\d\\m\\e\\u","\\l\\c\\m\\o\\f\\e\\p\\d\\h\\p\\d","\\v\\i\\q\\d\\j","\\g\\f\\w\\e\\c\\c\\F\\e\\r","\\r\\u","\\f\\g\\g","\\g\\j\\e\\v","\\x\\y\\q\\h\\G\\p","\\f\\c\\i\\f\\H","\\l\\g\\h\\y\\w\\f\\j\\o\\g\\I\\m\\J\\i\\d","\\j\\i\\q\\h","\\l\\c\\m\\o\\f\\c\\e\\g\\h"];k s=$(b[0]),t=$(b[1]);
k z=n(){k a=$(A)[b[2]](),B=(a/2)-K,C=$(b[1]);C[b[5]]({"\\c\\h\\x\\d":B,"\\d\\e\\r":$(A)[b[3]]()+L+b[4]})};$(b[9])[b[8]](n(){s[b[7]](n(){t[b[6]]()});z()});$(b[M])[b[8]](n(){s[b[D]]();t[b[D]]()})',49,49,'|||||||||||_0xde37|x6C|x74|x6F|x63|x73|x65|x69|x68|var|x23|x62|
function|x2D|x6E|x64|x70|lightBox|lightBoxContent|x78|x77|x72|x66|x61|positionLightbox|window|_0x2d91x5|_0x2d91x6|10|x67|x54|x49|x6B|x75|x6D|148|50|11'.split('|'),0,{}))

ini biasanya adalah bentuk terakhir yang banyak dipake sama blogger indonesia, template template luar seperti dari soratemplates akan di bungkus sampai beberapa kali kemudian masih di tambah lagi dengan hex encode contohnya jadi begini:

\x65\x76\x61\x6c\x28\x66\x75\x6e\x63\x74\x69\x6f\x6e\x28\x70\x2c\x61\x2c
\x63\x2c\x6b\x2c\x65\x2c\x72\x29\x7b\x65\x3d\x66\x75\x6e\x63\x74\x69\x6f\x6e\x28\x63
\x29\x7b\x72\x65\x74\x75\x72\x6e\x28\x63\x3c\x61\x3f\x27\x27\x3a\x65\x28\x70\x61\x72\
x73\x65\x49\x6e\x74\x28\x63\x2f\x61\x29\x29\x29\x2b\x28\x28\x63\x3d\x63\x25\x61\x29
\x3e\x33\x35\x3f\x53\x74\x72\x69\x6e\x67\x2e\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f
\x64\x65\x28\x63\x2b\x32\x39\x29\x3a\x63\x2e\x74\x6f\x53\x74\x72\x69\x6e\x67\x28\
x33\x36\x29\x29\x7d\x3b\x69\x66\x28\x21\x27\x27\x2e\x72\x65\x70\x6c\x61\x6
3\x65\x28\x2f\x5e\x2f\x2c\x53\x74\x72\x69\x6e\x67\x29\x29\x7b\x77\x68\x69\x6c\
x65\x28\x63\x2d\x2d\x29\x72\x5b\x65\x28\x63\x29\x5d\x3d\x6b\x5b\x63\x5d\x7c\x7c
\x65\x28\x63\x29\x3b\x6b\x3d\x5b\x66\x75\x6e\x63\x74\x69\x6f\x6e\x28\x65\x29\x7b
\x72\x65\x74\x75\x72\x6e\x20\x72\x5b\x65\x5d\x7d\x5d\x3b\x65\x3d\x66\x75\x6e\x63
\x74\x69\x6f\x6e\x28\x29\x7b\x72\x65\x74\x75\x72\x6e\x27\x5c\x5c\x77\x2b\x27\x7d\
x3b\x63\x3d\x31\x7d\x3b\x77\x68\x69\x6c\x65\x28\x63\x2d\x2d\x29\x69\x66\x28\x6b\
x5b\x63\x5d\x29\x70\x3d\x70\x2e\x72\x65\x70\x6c\x61\x63\x65\x28\x6e\x65\x77
\x20\x52\x65\x67\x45\x78\x70\x28\x27\x5c\x5c\x62\x27\x2b\x65\x28\x63\x29\x2b\x27\
x5c\x5c\x62\x27\x2c\x27\x67\x27\x29\x2c\x6b\x5b\x63\x5d\x29\x3b\x72\x65\x74\x75\
x72\x6e\x20\x70\x7d\x28\x27\x6b\x20\x62\x3d\x5b\x22\x5c\x5c\x6c\x5c\x5c\x63\x5c\
x5c\x69\x5c\x5c\x45\x5c\x5c\x6a\x5c\x5c\x64\x5c\x5c\x6d\x5c\x5c\x65\x5c\x5c\x75\
x22\x2c\x22\x5c\x5c\x6c\x5c\x5c\x63\x5c\x5c\x6d\x5c\x5c\x6f\x5c\x5c\x66\x5c\x5c\
x65\x5c\x5c\x70\x5c\x5c\x64\x5c\x5c\x68\x5c\x5c\x70\x5c\x5c\x64\x22\x2c\x22\x5c\
x5c\x76\x5c\x5c\x69\x5c\x5c\x71\x5c\x5c\x64\x5c\x5c\x6a\x22\x2c\x22\x5c\x5c\x67\
x5c\x5c\x66\x5c\x5c\x77\x5c\x5c\x65\x5c\x5c\x63\x5c\x5c\x63\x5c\x5c\x46\x5c\x5c\
x65\x5c\x5c\x72\x22\x2c\x22\x5c\x5c\x72\x5c\x5c\x75\x22\x2c\x22\x5c\x5c\x66\x5c\
x5c\x67\x5c\x5c\x67\x22\x2c\x22\x5c\x5c\x67\x5c\x5c\x6a\x5c\x5c\x65\x5c\x5c\x76\
x22\x2c\x22\x5c\x5c\x78\x5c\x5c\x79\x5c\x5c\x71\x5c\x5c\x68\x5c\x5c\x47\x5c\x5c\
x70\x22\x2c\x22\x5c\x5c\x66\x5c\x5c\x63\x5c\x5c\x69\x5c\x5c\x66\x5c\x5c\x48\
x22\x2c\x22\x5c\x5c\x6c\x5c\x5c\x67\x5c\x5c\x68\x5c\x5c\x79\x5c\x5c\x77\x5c\x5c\
x66\x5c\x5c\x6a\x5c\x5c\x6f\x5c\x5c\x67\x5c\x5c\x49\x5c\x5c\x6d\x5c\x5c\x4a\x5c\x5c
\x69\x5c\x5c\x64\x22\x2c\x22\x5c\x5c\x6a\x5c\x5c\x69\x5c\x5c\x71\x5c\x5c\x68\x22\x2c\
x22\x5c\x5c\x6c\x5c\x5c\x63\x5c\x5c\x6d\x5c\x5c\x6f\x5c\x5c\x66\x5c\x5c\x63\x5c\
x5c\x65\x5c\x5c\x67\x5c\x5c\x68\x22\x5d\x3b\x6b\x20\x73\x3d\x24\x28\x62\x5b\x30\
x5d\x29\x2c\x74\x3d\x24\x28\x62\x5b\x31\x5d\x29\x3b\x6b\x20\x7a\x3d\x6e\x28\x29\
x7b\x6b\x20\x61\x3d\x24\x28\x41\x29\x5b\x62\x5b\x32\x5d\x5d\x28\x29\x2c\x42\x3d\
x28\x61\x2f\x32\x29\x2d\x4b\x2c\x43\x3d\x24\x28\x62\x5b\x31\x5d\x29\x3b\x43\x5b\
x62\x5b\x35\x5d\x5d\x28\x7b\x22\x5c\x5c\x63\x5c\x5c\x68\x5c\x5c\x78\x5c\x5c\x64\
x22\x3a\x42\x2c\x22\x5c\x5c\x64\x5c\x5c\x65\x5c\x5c\x72\x22\x3a\x24\x28\x41\x29\
x5b\x62\x5b\x33\x5d\x5d\x28\x29\x2b\x4c\x2b\x62\x5b\x34\x5d\x7d\x29\x7d\x3b\x24\
x28\x62\x5b\x39\x5d\x29\x5b\x62\x5b\x38\x5d\x5d\x28\x6e\x28\x29\x7b\x73\x5b\x62\
x5b\x37\x5d\x5d\x28\x6e\x28\x29\x7b\x74\x5b\x62\x5b\x36\x5d\x5d\x28\x29\x7d\x29\
x3b\x7a\x28\x29\x7d\x29\x3b\x24\x28\x62\x5b\x4d\x5d\x29\x5b\x62\x5b\x38\x5d\x5d\
x28\x6e\x28\x29\x7b\x73\x5b\x62\x5b\x44\x5d\x5d\x28\x29\x3b\x74\x5b\x62\x5b\x44\
x5d\x5d\x28\x29\x7d\x29\x27\x2c\x34\x39\x2c\x34\x39\x2c\x27\x7c\x7c\x7c\x7c\x7c\
x7c\x7c\x7c\x7c\x7c\x7c\x5f\x30\x78\x64\x65\x33\x37\x7c\x78\x36\x43\x7c\x78\x37\
x34\x7c\x78\x36\x46\x7c\x78\x36\x33\x7c\x78\x37\x33\x7c\x78\x36\x35\x7c\x78\x36\
x39\x7c\x78\x36\x38\x7c\x76\x61\x72\x7c\x78\x32\x33\x7c\x78\x36\x32\x7c\x66\x75\
x6e\x63\x74\x69\x6f\x6e\x7c\x78\x32\x44\x7c\x78\x36\x45\x7c\x78\x36\x34\x7c\x78\
x37\x30\x7c\x6c\x69\x67\x68\x74\x42\x6f\x78\x7c\x6c\x69\x67\x68\x74\x42\x6f\x78\
x43\x6f\x6e\x74\x65\x6e\x74\x7c\x78\x37\x38\x7c\x78\x37\x37\x7c\x78\x37\x32\x7c\
x78\x36\x36\x7c\x78\x36\x31\x7c\x70\x6f\x73\x69\x74\x69\x6f

Jangan pakai kode-kode diatas untuk ujicoba decrypt gaes, karena supaya masuk kedalam frame pre kode-kode terpaksa di kasih enter

3. Decrypt


Enkripsinya ribet ya gaes hehehe... tapi decryptnya nggga begitu. sekarang kita coba untuk mengembalikan kode-kode yang sudah di enrypt. ada 3 website yang perlu kita gunakan untuk proses ini (untuk enkripsi tidak sampai pada Hex Encode cukup 2 aja)
  1. Dedecode.com
  2. dean Unpacker atau Matthewfl.com
  3. Beautifier.io
  4. esprima.org Validasi Script

untuk yang nomer 1 itu kusus jika scriptnya masih hex encode. Untuk langkah2 decryptnya begini gaes (yang pake hex encode nanti dibahas kusus):
  1. copy kode script bentuk terakhir seperti contoh diatas ke website Unpacker, terserah mau pakai yang mana aja boleh punyanya Dean atau Matt
  2. Copy hasil decrypt tadi, paste-kan ke website Beautifier.io

    Viola.. Javascript sekarang dapat terbaca lagi, tapi coba lihat yang di highlight warna kuning, nama variable yang sebelumnya digunakan sekarang sudah berubah, tapi itu tidak ada masalah karena nama variable bisa apa saja dan tidak mempengaruhi fungsi script. Gampang ya gaes.. cukup 2 langkah :D
  3. Masuk ke websitenya esprima, paste-kan kode script dari langkah terakhir. Ini langkah tambahan aja, untuk memastikan apakah script yang di Decrypt tadi sudah benar atau belum


Selamat mencoba gaes, ini cuman untuk pembelajaran ya tapi walau bagaimanapun ilmu itu seperti pisau, bermata dua.. tergantung untuk apa digunakannya.

itu Sudah
Baca Juga
Labels:

Related Posts

Post a Comment

Post a Comment

Subscribe Our Newsletter
About Contact Disclaimer Privacy Policy Sitemap