Guess what..

[Dai]

Anyone care to guess what this does?


($=[$=[]][(__=!$+$)[_=-~-~-~$]+({}+$)[_/_]+
($$=($_=!''+$)[_/_]+$_[+$])])()[__[_/_]+__
[_+~$]+$_[_]+$$](_/_)


googling will reveal all ... how many web forums that attempt to strip
out javascript from posts would strip it out?

[Matth]

Alarming, IE8 detected an XSS attempt
See also
http://utf-8.jp/public/jjencode.html

[budwieser]

Quote:

Originally Posted by DaiNasty

Anyone care to guess what this does?


($=[$=[]][(__=!$+$)[_=-~-~-~$]+({}+$)[_/_]+
($$=($_=!''+$)[_/_]+$_[+$])])()[__[_/_]+__
[_+~$]+$_[_]+$$](_/_)


googling will reveal all ... how many web forums that attempt to strip
out javascript from posts would strip it out?

Is it the script for an ASCI Porn film? Needs a couple more ( . )( . ) in it mate.

[Dai]

Quote:

Originally Posted by Matth

Alarming, IE8 detected an XSS attempt
See also
http://utf-8.jp/public/jjencode.html

I'm reliably informed thusly:

What it does very cleverly is dissect individual letters from the
runtime string constants like "object", "false" and "true", then
concatenate them back together to make a string representation of the
code it wants to execute, which it can do because javascript is a
dynamic language ...

All that demo code does is build the equivalent of

window["alert"](1)

but without containing any alphanumerics itself, with similar techniques
and by making use of additional string constants (you could get hold of
"null", "number", "string", "undefined" and "array" easily) you could
grab 18 out of the 26 letters to play with

abcdefg_ij_lmno__rstu___y_

with suitable cunning, you could start to patch together a sizeable
fraction of whatever code you really wanted to inject, all without
looking like recognisable code.

Or something..