Ecek-ecek

Abis ketemu ama javascript yg di encrypt di binus ama imediabiz. Bentuk nya gak karuan, yang jelas tuh isi script nya jauh banget dari bahasa manusia.
Saya ambil contoh yang di binus tv aja yah yg simple (http://www.binus-access.com/bee-watch/index.php?tv=sctv), silakan view source, gak bakal keliatan link rtsp-nya kan :). yang ada malah karakter2 gak jelas :)

Duh, susah nih ngejelasin nya di sini, baca file txt nya aja yah, di sini

Sebagai bahan latihan silakan mencoba decrypt file ini, konsep decrypt nya sama kok :)

Updated : acc ripway di banned. asyuuuuuuuuuuuuuuuuuuu

Men-decrypt javascript yang ter-encrypt Studi kasus : binus tv : http://www.binus-access.com/bee-watch/index.php?tv=sctv Langkah 1. view source 2. Cari javascript yg ter-encrypt <script language="javascript"> document.write( unescape( '%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%0A%66%75%6E%63%74%69%6F%6E%20%7A%28%73%29%7B%0A%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%0A%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%0A%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%0A%7D%0A%3C%2F%73%63%72%69%70%74%3E' ));z('*8Hhjsyjw*8J*5F*8Hg*8JXHY%5B*8H4g*8J*8Hgw*8J*5F*8Hf*75mwjk*8I*77myyu*8F44%7C%7C%7C3gnszx2fhhjxx3htr*77*8J*7%3DUt%7Cjwji*75g%7E*75Gnsf*75Szxfsyfwf*7%3E*8H4f*8J*5F*8H4hjsyjw*8J*5F*5F*8Htgojhy*75ni*8I*77tgoRt%7Bnj5*77*75hqfxxni*8I*77hqxni*8FHKHIFF582%3DGJ9266hk2G%3D9G25575FKGGHHKF*77*75xy%7Eqj*8I*77%7Cniym*8F995u%7D*8Gmjnlmy*8F88%3Au%7D*8G*75gtwijw*8F65u%7D*75xtqni*75*78hhh*8Grfwlns2qjky*8F6u%7D*8G*77*75hqfxx*8I*77qjky*77*8J*5F*5F*8Hufwfr*75sfrj*8I*77htsywtqx*77*75%7Bfqzj*8I*77Nrflj%5Cnsit%7C*77*754*8J*5F*8Hufwfr*75sfrj*8I*77fzytxyfwy*77*75%7Bfqzj*8I*77ywzj*77*754*8J*5F*8Hufwfr*75sfrj*8I*77XWH*77*75%7Bfqzj*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*754*8J*5F*5F*8Hjrgji*75xwh*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*75y%7Euj*8I*77fzint4%7D2us2wjfqfzint2uqzlns*77*75xy%7Eqj*8I*77%7Cniym*8F995u%7D*8Gmjnlmy*8F88%3Au%7D*8G*77*75htsywtqx*8I*77Nrflj%5Cnsit%7C*77*75htsxtqj*8I*77drfxyjw*77*75fzytxyfwy*8I*77Ywzj*77*8J*8H4jrgji*8J*5F*5F*8Hjrgji*75xwh*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*75y%7Euj*8I*77fzint4%7D2us2wjfqfzint2uqzlns*77*75mjnlmy*8I*7785*77*75%7Cniym*8I*77795*77*75xy%7Eqj*8I*77%7Cniym*8F795u%7D*8Gmjnlmy*8F85u%7D*8Grfwlns2qjky*8F655u%7D*8Grfwlns2ytu*8F85u%7D*8G*77*75htsywtqx*8I*77HtsywtqUfsjq*77*75htsxtqj*8I*77drfxyjw*77*75fzytxyfwy*8I*77Ywzj*77*8J*75*5F*5F*8HSTJRGJI*8J*8Hf*75mwjk*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*8JUqf%7E*75%7Cnym*75WjfqTsj*75Uqf%7Ejw3*75*8H4f*8J*75*8H4STJRGJI*8J*75*8H4jrgji*8J*5F*8H4tgojhy*8J*5F5'); </script> 3. Kita decrypt dulu urldecode nya yaitu %3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%0A%66%75%6E%63%74%69%6F%6E%20%7A%28%73%29%7B%0A%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%0A%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%0A%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%0A%7D%0A%3C%2F%73%63%72%69%70%74%3E 4. Silakan gunakan tool urldecode mana aja, misal http://www.yellowpipe.com/yis/tools/encrypter/index.php 5 Hasil urldecode : <script language="javascript"> function z(s){ var s1=unescape(s.substr(0,s.length-1)); var t=''; for(i=0;i<s1.length;i++)t+=String.fromCharCode(s1.charCodeAt(i)-s.substr(s.length-1,1)); document.write(unescape(t)); } </script> 6. Terlihat ada fungsi z disana, fungsi tersebut berguna untuk men-decrypt susunan karakter acak di z('8H... 7. Kita susun ulang javascript nya menjadi seperti ini. <script language="javascript"> function z(s){ var s1=unescape(s.substr(0,s.length-1)); var t=''; for(i=0;i<s1.length;i++)t+=String.fromCharCode(s1.charCodeAt(i)-s.substr(s.length-1,1)); document.write(unescape(t)); } z('*8Hhjsyjw*8J*5F*8Hg*8JXHY%5B*8H4g*8J*8Hgw*8J*5F*8Hf*75mwjk*8I*77myyu*8F44%7C%7C%7C3gnszx2fhhjxx3htr*77*8J*7%3DUt%7Cjwji*75g%7E*75Gnsf*75Szxfsyfwf*7%3E*8H4f*8J*5F*8H4hjsyjw*8J*5F*5F*8Htgojhy*75ni*8I*77tgoRt%7Bnj5*77*75hqfxxni*8I*77hqxni*8FHKHIFF582%3DGJ9266hk2G%3D9G25575FKGGHHKF*77*75xy%7Eqj*8I*77%7Cniym*8F995u%7D*8Gmjnlmy*8F88%3Au%7D*8G*75gtwijw*8F65u%7D*75xtqni*75*78hhh*8Grfwlns2qjky*8F6u%7D*8G*77*75hqfxx*8I*77qjky*77*8J*5F*5F*8Hufwfr*75sfrj*8I*77htsywtqx*77*75%7Bfqzj*8I*77Nrflj%5Cnsit%7C*77*754*8J*5F*8Hufwfr*75sfrj*8I*77fzytxyfwy*77*75%7Bfqzj*8I*77ywzj*77*754*8J*5F*8Hufwfr*75sfrj*8I*77XWH*77*75%7Bfqzj*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*754*8J*5F*5F*8Hjrgji*75xwh*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*75y%7Euj*8I*77fzint4%7D2us2wjfqfzint2uqzlns*77*75xy%7Eqj*8I*77%7Cniym*8F995u%7D*8Gmjnlmy*8F88%3Au%7D*8G*77*75htsywtqx*8I*77Nrflj%5Cnsit%7C*77*75htsxtqj*8I*77drfxyjw*77*75fzytxyfwy*8I*77Ywzj*77*8J*8H4jrgji*8J*5F*5F*8Hjrgji*75xwh*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*75y%7Euj*8I*77fzint4%7D2us2wjfqfzint2uqzlns*77*75mjnlmy*8I*7785*77*75%7Cniym*8I*77795*77*75xy%7Eqj*8I*77%7Cniym*8F795u%7D*8Gmjnlmy*8F85u%7D*8Grfwlns2qjky*8F655u%7D*8Grfwlns2ytu*8F85u%7D*8G*77*75htsywtqx*8I*77HtsywtqUfsjq*77*75htsxtqj*8I*77drfxyjw*77*75fzytxyfwy*8I*77Ywzj*77*8J*75*5F*5F*8HSTJRGJI*8J*8Hf*75mwjk*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*8JUqf%7E*75%7Cnym*75WjfqTsj*75Uqf%7Ejw3*75*8H4f*8J*75*8H4STJRGJI*8J*75*8H4jrgji*8J*5F*8H4tgojhy*8J*5F5'); </script> 8. Tambahkan tag html textarea di dalam fungsi z, fungsinya agar javascript hasil decrypt nya bisa ditampilkan di dalam textarea, bukan dieksekusi oleh browser. Hasil akhirnya adalah sbb : <script language="javascript"> function z(s){ document.write("<textarea cols=100 rows=40>"); // tag pembuka textarea var s1=unescape(s.substr(0,s.length-1)); var t=''; for(i=0;i<s1.length;i++)t+=String.fromCharCode(s1.charCodeAt(i)-s.substr(s.length-1,1)); document.write(unescape(t)); document.write("</textarea>"); //tag penutup textarea } z('*8Hhjsyjw*8J*5F*8Hg*8JXHY%5B*8H4g*8J*8Hgw*8J*5F*8Hf*75mwjk*8I*77myyu*8F44%7C%7C%7C3gnszx2fhhjxx3htr*77*8J*7%3DUt%7Cjwji*75g%7E*75Gnsf*75Szxfsyfwf*7%3E*8H4f*8J*5F*8H4hjsyjw*8J*5F*5F*8Htgojhy*75ni*8I*77tgoRt%7Bnj5*77*75hqfxxni*8I*77hqxni*8FHKHIFF582%3DGJ9266hk2G%3D9G25575FKGGHHKF*77*75xy%7Eqj*8I*77%7Cniym*8F995u%7D*8Gmjnlmy*8F88%3Au%7D*8G*75gtwijw*8F65u%7D*75xtqni*75*78hhh*8Grfwlns2qjky*8F6u%7D*8G*77*75hqfxx*8I*77qjky*77*8J*5F*5F*8Hufwfr*75sfrj*8I*77htsywtqx*77*75%7Bfqzj*8I*77Nrflj%5Cnsit%7C*77*754*8J*5F*8Hufwfr*75sfrj*8I*77fzytxyfwy*77*75%7Bfqzj*8I*77ywzj*77*754*8J*5F*8Hufwfr*75sfrj*8I*77XWH*77*75%7Bfqzj*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*754*8J*5F*5F*8Hjrgji*75xwh*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*75y%7Euj*8I*77fzint4%7D2us2wjfqfzint2uqzlns*77*75xy%7Eqj*8I*77%7Cniym*8F995u%7D*8Gmjnlmy*8F88%3Au%7D*8G*77*75htsywtqx*8I*77Nrflj%5Cnsit%7C*77*75htsxtqj*8I*77drfxyjw*77*75fzytxyfwy*8I*77Ywzj*77*8J*8H4jrgji*8J*5F*5F*8Hjrgji*75xwh*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*75y%7Euj*8I*77fzint4%7D2us2wjfqfzint2uqzlns*77*75mjnlmy*8I*7785*77*75%7Cniym*8I*77795*77*75xy%7Eqj*8I*77%7Cniym*8F795u%7D*8Gmjnlmy*8F85u%7D*8Grfwlns2qjky*8F655u%7D*8Grfwlns2ytu*8F85u%7D*8G*77*75htsywtqx*8I*77HtsywtqUfsjq*77*75htsxtqj*8I*77drfxyjw*77*75fzytxyfwy*8I*77Ywzj*77*8J*75*5F*5F*8HSTJRGJI*8J*8Hf*75mwjk*8I*77wyxu*8F44y%7B3gnszx2fhhjxx3htr4gwtfihfxy4gjjdxhy%7B*77*8JUqf%7E*75%7Cnym*75WjfqTsj*75Uqf%7Ejw3*75*8H4f*8J*75*8H4STJRGJI*8J*75*8H4jrgji*8J*5F*8H4tgojhy*8J*5F5'); </script> 9. Simpan sebagai file html, misal binus.html 10. Buka binus.html menggunakan browser. Dah keliatan tuh script yg kacau balau tadi, mendekati bahasa manusia deh :) Nih hasil tampilan di browser <center> <b>SCTV</b><br> <a href="http://www.binus-access.com">(Powered by Bina Nusantara)</a> </center> <object id="objMovie0" classid="clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA" style="width:440px;height:335px; border:10px solid #ccc;margin-left:1px;" class="left"> <param name="controls" value="ImageWindow" /> <param name="autostart" value="true" /> <param name="SRC" value="rtsp://tv.binus-access.com/broadcast/bee_sctv" /> <embed src="rtsp://tv.binus-access.com/broadcast/bee_sctv" type="audio/x-pn-realaudio-plugin" style="width:440px;height:335px;" controls="ImageWindow" console="_master" autostart="True"></embed> <embed src="rtsp://tv.binus-access.com/broadcast/bee_sctv" type="audio/x-pn-realaudio-plugin" height="30" width="240" style="width:240px;height:30px;margin-left:100px;margin-top:30px;" controls="ControlPanel" console="_master" autostart="True"> <NOEMBED><a href="rtsp://tv.binus-access.com/broadcast/bee_sctv">Play with RealOne Player. </a> </NOEMBED> </embed> </object> DONE