Preface

If you say that again IP Request count detection 、 Captcha is the most common anti crawler technology , Maybe everyone's ears are cocooned . Of course , Some students wrote about reptiles for several days , I think reptiles are too simple 、 There's no challenge . So I found three websites with certain difficulty , Hope you can be interested in the manual practice .

This article is only for knowledge expansion and train of thought guidance , The website anti climbing technology involved in it , Only do technical study discussion .

Font encryption

Font encryption is summed up in one sentence : What you see is not what you see .

Address

The cat's eye film :https://maoyan.com/films/343568

Problem reduction

Have you seen the recent battle of Godzilla , Am I beautiful? , The score is high or not , How much is the box office ? Let's go to cat's eye .

This is the problem : Why the score and box office in the source code are " Mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth mouth "? Where are the ratings and box office that you see on the page ?

Their roots

Don't talk much , Look at the source :

I'm more doubtful after reading it , This &#x What is it ? This is actually html The escape sequence in , Indicates that hexadecimal is followed , After printing on the console , Pictured :

These figures have nothing to do with the box office at present . Then find a way to connect them .

Found the following code from the web page :

In fact, this is css Use in @font-face adopt woff The file has custom Fonts , The hexadecimal number in the source code must be mapped through this font to display correctly . It's like UTF-8 and GBK The relationship between , If the encoding and decoding are consistent, there will be no garbled code .

I will be here woff Download the font file locally and open it with a tool .

The box office is 5.74 Billion , The main focus here is on numbers 5. As can be seen from the above figure 5 The corresponding is glyph11.

Use the tool to woff File conversion to xml Format :

glyph11 The corresponding is id=11 Of glyph, Their corresponding name by uniE8CD. And then xml Find uniE8CD The corresponding hexadecimal :

Pictured ,uniE8CD The corresponding is 0xe8cd, in other words Numbers 5 The corresponding is 0xe8cd, It's the first number output on the console .

eval() & JS encryption

js Encrypted and placed in eval() In the implementation of . If you want to restore js, Use in the developer console console.log() Output decrypted js. Because no matter it is eval() still log(),js The parsing execution ultimately depends on the browser kernel .

Address

TV cat :https://www.tvmao.com/program/CCTV

Problem reduction

On the channel episodes page , In the morning 、 At noon 、 Evening shows . Pictured :

When sending a request to get the channel series data , It is found that only morning program data is returned ,12 We can't get the series data after the point .

View source code of webpage :

Their roots

We're in the console's request , Search for keywords in a web page " Bear paradise ", harm , Sure enough , I really searched .

The result of this response is an array , Subscript 0 Represents the flag bit :1 Representative got the data ,0 Representative didn't get the data ; Subscript 1 It's data bits , The return data of the corresponding interface .

The code to parse this response result is complicated , You need to replace the extra content .

The code is as follows :

In fact, the above code is not important !! Then we follow the cable to see his request part :

You can see from the request header that , Request just one parameter p,1、2、3... A full 186 position , Look at this parameter. It's very long , Like the lonely rain lane . Although I can't wait for the girl with the oil paper umbrella , But at least look at this parameter first p How it was generated .

Search... In the search box api and pg keyword , Find the following code :

Never mind the rest , with ajax Nine times out of ten the words are ajax Request the , Parameters p The value of is a variable a, In generating variables a Set a breakpoint in the code of , Click on the " To view more " The button triggers the breakpoint , Then enter the A.d() Method :

Turn up , see js Upper part :

In fact, it's over here , You see, in the d() Call... Again w(),w() Also called A In other ways , Put this js The chain of method calls in , Inline each method code , Finally, the parameters are calculated p, That's all right. .

that , Well said eval Well , It's all right. It's encrypted js Well ?

Don't panic, young Xia , This will take you to continue to see . If you look carefully , And you'll find that on top js The file name of is anonymous / temporary , So this is not the original website js file , It's after the browser kernel parses js.

How to find the original one js file ?

I don't know if you know the search function , Look at the top js There is keyStr This keyword , Let's search for a wave of .

see , Pictured ,eval() With , encryption js There are also , Copy to text as follows :

eval(function(h, b, i, d, g, f) {
g = function(a) {
return (a < b ? "" : g(parseInt(a / b))) + ((a = a % b) > 35 ? String.fromCharCode(a + 29) : a.toString(36))
}
;
if (!"".replace(/^/, String)) {
while (i--) {
f[g(i)] = d[i] || g(i)
}
d = [function(a) {
return f[a]
}
];
g = function() {
return "\\w+"
}
;
i = 1
}
while (i--) {
if (d[i]) {
h = h.replace(new RegExp("\\b" + g(i) + "\\b","g"), d[i])
}
}
return h
}('5 A={z:"1o+/=",1b:"1l=1k",J:j(a){5 b="";5 c,L,M,14,16,O,N;5 i=0;a=A.1g(a);1t(i<a.R){c=a.S(i++);L=a.S(i++);M=a.S(i++);14=c>>2;16=((c&3)<<4)|(L>>4);O=((L&15)<<2)|(M>>6);N=M&Q;9(1f(L)){O=N=18}K 9(1f(M)){N=18}b=b+y.z.C(14)+y.z.C(16)+y.z.C(O)+y.z.C(N)}8 b},H:j(a){a=a.1G();5 b=\'\';Z(5 i=0;i<a.R;i++){b+=y.1b[a.C(i)]}Z(5 i=0;i<a.R;i++){b+=y.z[a.C(i)]}8 b},1g:j(a){a=a.1B(/\\r\\n/g,"\\n");5 b="";Z(5 n=0;n<a.R;n++){5 c=a.S(n);9(c<P){b+=I.G(c)}K 9((c>1x)&&(c<1w)){b+=I.G((c>>6)|1q);b+=I.G((c&Q)|P)}K{b+=I.G((c>>12)|1p);b+=I.G(((c>>6)&Q)|P);b+=I.G((c&Q)|P)}}8 b},E:j(a){$(\':U[V="19"]\',a).10(A.J(\'l\'+$(".19",a).10()+\'o\'))},B:j(a){5 b=(1c 1d()).1i();9(a!=m)8 A.J(a+\'|\'+b);K 8 A.J(\'\'+b)},e:j(u){5 x=1;5 f=$(\'T\').13();5 a=f.W("U[11=\'1j\']");9(a!=m){x=2}K 9(u!=m){x=u}9(f==m)8 x;8 f.D(\'a\')},c:j(e){5 v;5 f=$(\'T\').13();9(f==m)8"";5 s=f.W("*[17=\'1m\']");9(s==m){v=f.W("U[11=\'1n\']");9(v==m)8"";v=e}v=s.D(\'Y\');8 v},d:j(p,h){5 v=A.w(h);5 a=$("1r.1s");5 x=a||p;9(a!=m){x=h||$("s.1h")}x=A.c();5 b=1c 1d();5 c=b.1u();5 d=b.1v();5 i=d==0?7:d;i=i*i;5 F=y.z.C(i);8 F+A.J(x+"|"+A.e(p))+v},w:j(v){5 t=$("1y");5 a="|";9(t==m){X="/"}K{X=v}5 r=A.J(a+k(X));8 r},s:j(a,b){5 c=y.z.C(1z);8 A.J(c+a)}};5 k=j(a){5 f=$(\'T\').13();9(f==m)8"";5 b=f.D(\'Y\');9(b==m)f.D(\'Y\',a);8 f.D(\'q\')};$(j(){5 b=$(\'<U 17="1A" V="1a"/>\');b.10(A.B());$(\'T[V="1C"]\').1D(b);$(\'a[11^="1E"]\').1F(j(){5 a=$(y).D("1e")+"&1a="+1H(A.B());$(y).D("1e",a)})});', 62, 106, "|||||var|||return|if||||||||||function|||undefined||||||||||||this|_keyStr|||charAt|attr|||fromCharCode||String||else|chr2|chr3|enc4|enc3|128|63|length|charCodeAt|form|input|name|find|tl|id|for|val|class||first|enc1||enc2|type|64|ed|ek|_keyStr2|new|Date|href|isNaN|_C|fix1|getTime|baidu|DVGO|KQMFS|submit|qq|ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789|224|192|div|fix|while|getUTCDate|getDay|2048|127|head|37|hidden|replace|frmlogin|append|by|each|toString|encodeURIComponent".split("|"), 0, {}))

In the console eval() Encryption in js Use console.log() Print out , The result and the previous anonymity js equally .

Pictured :

setCookie & Obfuscate encryption

Actually setCookie It's a js Obfuscate encryption , But the reason I call him setCookie, Because its code starting point and core revolve around a setCookie function .

Address

zhaopin :https://jobs.zhaopin.com/beijing

Problem reduction



When making a request to the above address , I found that the content of the returned web page is a bunch of incomprehensible " The statement ".

Pictured :

Here I copy the response , For you to read .

<html><script src="//aeu.alicdn.com/waf/antidomxss.js"></script><script>
var arg1='7CF8FE6084F244597FE93D42AFEB6C2ED7029D82';
var _0x4818=['\x63\x73\x4b\x48\x77\x71\x4d\x49','\x5a\x73\x4b\x4a\x77\x72\x38\x56\x65\x41\x73\x79','\x55\x63\x4b\x69\x4e\x38\x4f\x2f\x77\x70\x6c\x77\x4d\x41\x3d\x3d','\x4a\x52\x38\x43\x54\x67\x3d\x3d','\x59\x73\x4f\x6e\x62\x53\x45\x51\x77\x37\x6f\x7a\x77\x71\x5a\x4b\x65\x73\x4b\x55\x77\x37\x6b\x77\x58\x38\x4f\x52\x49\x51\x3d\x3d','\x77\x37\x6f\x56\x53\x38\x4f\x53\x77\x6f\x50\x43\x6c\x33\x6a\x43\x68\x4d\x4b\x68\x77\x36\x48\x44\x6c\x73\x4b\x58\x77\x34\x73\x2f\x59\x73\x4f\x47','\x66\x77\x56\x6d\x49\x31\x41\x74\x77\x70\x6c\x61\x59\x38\x4f\x74\x77\x35\x63\x4e\x66\x53\x67\x70\x77\x36\x4d\x3d','\x4f\x63\x4f\x4e\x77\x72\x6a\x43\x71\x73\x4b\x78\x54\x47\x54\x43\x68\x73\x4f\x6a\x45\x57\x45\x38\x50\x63\x4f\x63\x4a\x38\x4b\x36','\x55\x38\x4b\x35\x4c\x63\x4f\x74\x77\x70\x56\x30\x45\x4d\x4f\x6b\x77\x34\x37\x44\x72\x4d\x4f\x58','\x48\x4d\x4f\x32\x77\x6f\x48\x43\x69\x4d\x4b\x39\x53\x6c\x58\x43\x6c\x63\x4f\x6f\x43\x31\x6b\x3d','\x61\x73\x4b\x49\x77\x71\x4d\x44\x64\x67\x4d\x75\x50\x73\x4f\x4b\x42\x4d\x4b\x63\x77\x72\x72\x43\x74\x6b\x4c\x44\x72\x4d\x4b\x42\x77\x36\x34\x64','\x77\x71\x49\x6d\x4d\x54\x30\x74\x77\x36\x52\x4e\x77\x35\x6b\x3d','\x44\x4d\x4b\x63\x55\x30\x4a\x6d\x55\x77\x55\x76','\x56\x6a\x48\x44\x6c\x4d\x4f\x48\x56\x63\x4f\x4e\x58\x33\x66\x44\x69\x63\x4b\x4a\x48\x51\x3d\x3d','\x77\x71\x68\x42\x48\x38\x4b\x6e\x77\x34\x54\x44\x68\x53\x44\x44\x67\x4d\x4f\x64\x77\x72\x6a\x43\x6e\x63\x4f\x57\x77\x70\x68\x68\x4e\x38\x4b\x43\x47\x63\x4b\x71\x77\x36\x64\x48\x41\x55\x35\x2b\x77\x72\x67\x32\x4a\x63\x4b\x61\x77\x34\x49\x45\x4a\x63\x4f\x63\x77\x72\x52\x4a\x77\x6f\x5a\x30\x77\x71\x46\x39\x59\x67\x41\x56','\x64\x7a\x64\x32\x77\x35\x62\x44\x6d\x33\x6a\x44\x70\x73\x4b\x33\x77\x70\x59\x3d','\x77\x34\x50\x44\x67\x63\x4b\x58\x77\x6f\x33\x43\x6b\x63\x4b\x4c\x77\x72\x35\x71\x77\x72\x59\x3d','\x77\x72\x4a\x4f\x54\x63\x4f\x51\x57\x4d\x4f\x67','\x77\x71\x54\x44\x76\x63\x4f\x6a\x77\x34\x34\x37\x77\x72\x34\x3d','\x77\x35\x58\x44\x71\x73\x4b\x68\x4d\x46\x31\x2f','\x77\x72\x41\x79\x48\x73\x4f\x66\x77\x70\x70\x63','\x4a\x33\x64\x56\x50\x63\x4f\x78\x4c\x67\x3d\x3d','\x77\x72\x64\x48\x77\x37\x70\x39\x5a\x77\x3d\x3d','\x77\x34\x72\x44\x6f\x38\x4b\x6d\x4e\x45\x77\x3d','\x49\x4d\x4b\x41\x55\x6b\x42\x74','\x77\x36\x62\x44\x72\x63\x4b\x51\x77\x70\x56\x48\x77\x70\x4e\x51\x77\x71\x55\x3d','\x64\x38\x4f\x73\x57\x68\x41\x55\x77\x37\x59\x7a\x77\x72\x55\x3d','\x77\x71\x6e\x43\x6b\x73\x4f\x65\x65\x7a\x72\x44\x68\x77\x3d\x3d','\x55\x73\x4b\x6e\x49\x4d\x4b\x57\x56\x38\x4b\x2f','\x77\x34\x7a\x44\x6f\x63\x4b\x38\x4e\x55\x5a\x76','\x63\x38\x4f\x78\x5a\x68\x41\x4a\x77\x36\x73\x6b\x77\x71\x4a\x6a','\x50\x63\x4b\x49\x77\x34\x6e\x43\x6b\x6b\x56\x62','\x4b\x48\x67\x6f\x64\x4d\x4f\x32\x56\x51\x3d\x3d','\x77\x70\x73\x6d\x77\x71\x76\x44\x6e\x47\x46\x71','\x77\x71\x4c\x44\x74\x38\x4f\x6b\x77\x34\x63\x3d','\x77\x37\x77\x31\x77\x34\x50\x43\x70\x73\x4f\x34\x77\x71\x41\x3d','\x77\x71\x39\x46\x52\x73\x4f\x71\x57\x4d\x4f\x71','\x62\x79\x42\x68\x77\x37\x72\x44\x6d\x33\x34\x3d','\x4c\x48\x67\x2b\x53\x38\x4f\x74\x54\x77\x3d\x3d','\x77\x71\x68\x4f\x77\x37\x31\x35\x64\x73\x4f\x48','\x55\x38\x4f\x37\x56\x73\x4f\x30\x77\x71\x76\x44\x76\x63\x4b\x75\x4b\x73\x4f\x71\x58\x38\x4b\x72','\x59\x69\x74\x74\x77\x35\x44\x44\x6e\x57\x6e\x44\x72\x41\x3d\x3d','\x59\x4d\x4b\x49\x77\x71\x55\x55\x66\x67\x49\x6b','\x61\x42\x37\x44\x6c\x4d\x4f\x44\x54\x51\x3d\x3d','\x77\x70\x66\x44\x68\x38\x4f\x72\x77\x36\x6b\x6b','\x77\x37\x76\x43\x71\x4d\x4f\x72\x59\x38\x4b\x41\x56\x6b\x35\x4f\x77\x70\x6e\x43\x75\x38\x4f\x61\x58\x73\x4b\x5a\x50\x33\x44\x43\x6c\x63\x4b\x79\x77\x36\x48\x44\x72\x51\x3d\x3d','\x77\x6f\x77\x2b\x77\x36\x76\x44\x6d\x48\x70\x73\x77\x37\x52\x74\x77\x6f\x39\x38\x4c\x43\x37\x43\x69\x47\x37\x43\x6b\x73\x4f\x52\x54\x38\x4b\x6c\x57\x38\x4f\x35\x77\x72\x33\x44\x69\x38\x4f\x54\x48\x73\x4f\x44\x65\x48\x6a\x44\x6d\x63\x4b\x6c\x4a\x73\x4b\x71\x56\x41\x3d\x3d','\x4e\x77\x56\x2b','\x77\x37\x48\x44\x72\x63\x4b\x74\x77\x70\x4a\x61\x77\x70\x5a\x62','\x77\x70\x51\x73\x77\x71\x76\x44\x69\x48\x70\x75\x77\x36\x49\x3d','\x59\x4d\x4b\x55\x77\x71\x4d\x4a\x5a\x51\x3d\x3d','\x4b\x48\x31\x56\x4b\x63\x4f\x71\x4b\x73\x4b\x31','\x66\x51\x35\x73\x46\x55\x6b\x6b\x77\x70\x49\x3d','\x77\x72\x76\x43\x72\x63\x4f\x42\x52\x38\x4b\x6b','\x4d\x33\x77\x30\x66\x51\x3d\x3d','\x77\x36\x78\x58\x77\x71\x50\x44\x76\x4d\x4f\x46\x77\x6f\x35\x64'];(function(_0x4c97f0,_0x1742fd){var _0x4db1c=function(_0x48181e){while(--_0x48181e){_0x4c97f0['\x70\x75\x73\x68'](_0x4c97f0['\x73\x68\x69\x66\x74']());}};var _0x3cd6c6=function(){var _0xb8360b={'\x64\x61\x74\x61':{'\x6b\x65\x79':'\x63\x6f\x6f\x6b\x69\x65','\x76\x61\x6c\x75\x65':'\x74\x69\x6d\x65\x6f\x75\x74'},'\x73\x65\x74\x43\x6f\x6f\x6b\x69\x65':function(_0x20bf34,_0x3e840e,_0x5693d3,_0x5e8b26){_0x5e8b26=_0x5e8b26||{};var _0xba82f0=_0x3e840e+'\x3d'+_0x5693d3;var _0x5afe31=0x0;for(var _0x5afe31=0x0,_0x178627=_0x20bf34['\x6c\x65\x6e\x67\x74\x68'];_0x5afe31<_0x178627;_0x5afe31++){var _0x41b2ff=_0x20bf34[_0x5afe31];_0xba82f0+='\x3b\x20'+_0x41b2ff;var _0xd79219=_0x20bf34[_0x41b2ff];_0x20bf34['\x70\x75\x73\x68'](_0xd79219);_0x178627=_0x20bf34['\x6c\x65\x6e\x67\x74\x68'];if(_0xd79219!==!![]){_0xba82f0+='\x3d'+_0xd79219;}}_0x5e8b26['\x63\x6f\x6f\x6b\x69\x65']=_0xba82f0;},'\x72\x65\x6d\x6f\x76\x65\x43\x6f\x6f\x6b\x69\x65':function(){return'\x64\x65\x76';},'\x67\x65\x74\x43\x6f\x6f\x6b\x69\x65':function(_0x4a11fe,_0x189946){_0x4a11fe=_0x4a11fe||function(_0x6259a2){return _0x6259a2;};var _0x25af93=_0x4a11fe(new RegExp('\x28\x3f\x3a\x5e\x7c\x3b\x20\x29'+_0x189946['\x72\x65\x70\x6c\x61\x63\x65'](/([.$?*|{}()[]\/+^])/g,'\x24\x31')+'\x3d\x28\x5b\x5e\x3b\x5d\x2a\x29'));var _0x52d57c=function(_0x105f59,_0x3fd789){_0x105f59(++_0x3fd789);};_0x52d57c(_0x4db1c,_0x1742fd);return _0x25af93?decodeURIComponent(_0x25af93[0x1]):undefined;}};var _0x4a2aed=function(){var _0x124d17=new RegExp('\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d');return _0x124d17['\x74\x65\x73\x74'](_0xb8360b['\x72\x65\x6d\x6f\x76\x65\x43\x6f\x6f\x6b\x69\x65']['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};_0xb8360b['\x75\x70\x64\x61\x74\x65\x43\x6f\x6f\x6b\x69\x65']=_0x4a2aed;var _0x2d67ec='';var _0x120551=_0xb8360b['\x75\x70\x64\x61\x74\x65\x43\x6f\x6f\x6b\x69\x65']();if(!_0x120551){_0xb8360b['\x73\x65\x74\x43\x6f\x6f\x6b\x69\x65'](['\x2a'],'\x63\x6f\x75\x6e\x74\x65\x72',0x1);}else if(_0x120551){_0x2d67ec=_0xb8360b['\x67\x65\x74\x43\x6f\x6f\x6b\x69\x65'](null,'\x63\x6f\x75\x6e\x74\x65\x72');}else{_0xb8360b['\x72\x65\x6d\x6f\x76\x65\x43\x6f\x6f\x6b\x69\x65']();}};_0x3cd6c6();}(_0x4818,0x15b));var _0x55f3=function(_0x4c97f0,_0x1742fd){var _0x4c97f0=parseInt(_0x4c97f0,0x10);var _0x48181e=_0x4818[_0x4c97f0];if(!_0x55f3['\x61\x74\x6f\x62\x50\x6f\x6c\x79\x66\x69\x6c\x6c\x41\x70\x70\x65\x6e\x64\x65\x64']){(function(){var _0xdf49c6=Function('\x72\x65\x74\x75\x72\x6e\x20\x28\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x28\x29\x20'+'\x7b\x7d\x2e\x63\x6f\x6e\x73\x74\x72\x75\x63\x74\x6f\x72\x28\x22\x72\x65\x74\x75\x72\x6e\x20\x74\x68\x69\x73\x22\x29\x28\x29'+'\x29\x3b');var _0xb8360b=_0xdf49c6();var _0x389f44='\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x2b\x2f\x3d';_0xb8360b['\x61\x74\x6f\x62']||(_0xb8360b['\x61\x74\x6f\x62']=function(_0xba82f0){var _0xec6bb4=String(_0xba82f0)['\x72\x65\x70\x6c\x61\x63\x65'](/=+$/,'');for(var _0x1a0f04=0x0,_0x18c94e,_0x41b2ff,_0xd79219=0x0,_0x5792f7='';_0x41b2ff=_0xec6bb4['\x63\x68\x61\x72\x41\x74'](_0xd79219++);~_0x41b2ff&&(_0x18c94e=_0x1a0f04%0x4?_0x18c94e*0x40+_0x41b2ff:_0x41b2ff,_0x1a0f04++%0x4)?_0x5792f7+=String['\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65'](0xff&_0x18c94e>>(-0x2*_0x1a0f04&0x6)):0x0){_0x41b2ff=_0x389f44['\x69\x6e\x64\x65\x78\x4f\x66'](_0x41b2ff);}return _0x5792f7;});}());_0x55f3['\x61\x74\x6f\x62\x50\x6f\x6c\x79\x66\x69\x6c\x6c\x41\x70\x70\x65\x6e\x64\x65\x64']=!![];}if(!_0x55f3['\x72\x63\x34']){var _0x232678=function(_0x401af1,_0x532ac0){var _0x45079a=[],_0x52d57c=0x0,_0x105f59,_0x3fd789='',_0x4a2aed='';_0x401af1=atob(_0x401af1);for(var _0x124d17=0x0,_0x1b9115=_0x401af1['\x6c\x65\x6e\x67\x74\x68'];_0x124d17<_0x1b9115;_0x124d17++){_0x4a2aed+='\x25'+('\x30\x30'+_0x401af1['\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74'](_0x124d17)['\x74\x6f\x53\x74\x72\x69\x6e\x67'](0x10))['\x73\x6c\x69\x63\x65'](-0x2);}_0x401af1=decodeURIComponent(_0x4a2aed);for(var _0x2d67ec=0x0;_0x2d67ec<0x100;_0x2d67ec++){_0x45079a[_0x2d67ec]=_0x2d67ec;}for(_0x2d67ec=0x0;_0x2d67ec<0x100;_0x2d67ec++){_0x52d57c=(_0x52d57c+_0x45079a[_0x2d67ec]+_0x532ac0['\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74'](_0x2d67ec%_0x532ac0['\x6c\x65\x6e\x67\x74\x68']))%0x100;_0x105f59=_0x45079a[_0x2d67ec];_0x45079a[_0x2d67ec]=_0x45079a[_0x52d57c];_0x45079a[_0x52d57c]=_0x105f59;}_0x2d67ec=0x0;_0x52d57c=0x0;for(var _0x4e5ce2=0x0;_0x4e5ce2<_0x401af1['\x6c\x65\x6e\x67\x74\x68'];_0x4e5ce2++){_0x2d67ec=(_0x2d67ec+0x1)%0x100;_0x52d57c=(_0x52d57c+_0x45079a[_0x2d67ec])%0x100;_0x105f59=_0x45079a[_0x2d67ec];_0x45079a[_0x2d67ec]=_0x45079a[_0x52d57c];_0x45079a[_0x52d57c]=_0x105f59;_0x3fd789+=String['\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65'](_0x401af1['\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74'](_0x4e5ce2)^_0x45079a[(_0x45079a[_0x2d67ec]+_0x45079a[_0x52d57c])%0x100]);}return _0x3fd789;};_0x55f3['\x72\x63\x34']=_0x232678;}if(!_0x55f3['\x64\x61\x74\x61']){_0x55f3['\x64\x61\x74\x61']={};}if(_0x55f3['\x64\x61\x74\x61'][_0x4c97f0]===undefined){if(!_0x55f3['\x6f\x6e\x63\x65']){var _0x5f325c=function(_0x23a392){this['\x72\x63\x34\x42\x79\x74\x65\x73']=_0x23a392;this['\x73\x74\x61\x74\x65\x73']=[0x1,0x0,0x0];this['\x6e\x65\x77\x53\x74\x61\x74\x65']=function(){return'\x6e\x65\x77\x53\x74\x61\x74\x65';};this['\x66\x69\x72\x73\x74\x53\x74\x61\x74\x65']='\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a';this['\x73\x65\x63\x6f\x6e\x64\x53\x74\x61\x74\x65']='\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d';};_0x5f325c['\x70\x72\x6f\x74\x6f\x74\x79\x70\x65']['\x63\x68\x65\x63\x6b\x53\x74\x61\x74\x65']=function(){var _0x19f809=new RegExp(this['\x66\x69\x72\x73\x74\x53\x74\x61\x74\x65']+this['\x73\x65\x63\x6f\x6e\x64\x53\x74\x61\x74\x65']);return this['\x72\x75\x6e\x53\x74\x61\x74\x65'](_0x19f809['\x74\x65\x73\x74'](this['\x6e\x65\x77\x53\x74\x61\x74\x65']['\x74\x6f\x53\x74\x72\x69\x6e\x67']())?--this['\x73\x74\x61\x74\x65\x73'][0x1]:--this['\x73\x74\x61\x74\x65\x73'][0x0]);};_0x5f325c['\x70\x72\x6f\x74\x6f\x74\x79\x70\x65']['\x72\x75\x6e\x53\x74\x61\x74\x65']=function(_0x4380bd){if(!Boolean(~_0x4380bd)){return _0x4380bd;}return this['\x67\x65\x74\x53\x74\x61\x74\x65'](this['\x72\x63\x34\x42\x79\x74\x65\x73']);};_0x5f325c['\x70\x72\x6f\x74\x6f\x74\x79\x70\x65']['\x67\x65\x74\x53\x74\x61\x74\x65']=function(_0x58d85e){for(var _0x1c9f5b=0x0,_0x1ce9e0=this['\x73\x74\x61\x74\x65\x73']['\x6c\x65\x6e\x67\x74\x68'];_0x1c9f5b<_0x1ce9e0;_0x1c9f5b++){this['\x73\x74\x61\x74\x65\x73']['\x70\x75\x73\x68'](Math['\x72\x6f\x75\x6e\x64'](Math['\x72\x61\x6e\x64\x6f\x6d']()));_0x1ce9e0=this['\x73\x74\x61\x74\x65\x73']['\x6c\x65\x6e\x67\x74\x68'];}return _0x58d85e(this['\x73\x74\x61\x74\x65\x73'][0x0]);};new _0x5f325c(_0x55f3)['\x63\x68\x65\x63\x6b\x53\x74\x61\x74\x65']();_0x55f3['\x6f\x6e\x63\x65']=!![];}_0x48181e=_0x55f3['\x72\x63\x34'](_0x48181e,_0x1742fd);_0x55f3['\x64\x61\x74\x61'][_0x4c97f0]=_0x48181e;}else{_0x48181e=_0x55f3['\x64\x61\x74\x61'][_0x4c97f0];}return _0x48181e;};var arg3=null;var arg4=null;var arg5=null;var arg6=null;var arg7=null;var arg8=null;var arg9=null;var arg10=null;var l=function(){while(window[_0x55f3('0x1', '\x58\x4d\x57\x5e')]||window['\x5f\x5f\x70\x68\x61\x6e\x74\x6f\x6d\x61\x73']){};var _0x5e8b26=_0x55f3('0x3', '\x6a\x53\x31\x59');String[_0x55f3('0x5', '\x6e\x5d\x66\x52')][_0x55f3('0x6', '\x50\x67\x35\x34')]=function(_0x4e08d8){var _0x5a5d3b='';for(var _0xe89588=0x0;_0xe89588<this[_0x55f3('0x8', '\x29\x68\x52\x63')]&&_0xe89588<_0x4e08d8[_0x55f3('0xa', '\x6a\x45\x26\x5e')];_0xe89588+=0x2){var _0x401af1=parseInt(this[_0x55f3('0xb', '\x56\x32\x4b\x45')](_0xe89588,_0xe89588+0x2),0x10);var _0x105f59=parseInt(_0x4e08d8[_0x55f3('0xd', '\x58\x4d\x57\x5e')](_0xe89588,_0xe89588+0x2),0x10);var _0x189e2c=(_0x401af1^_0x105f59)[_0x55f3('0xf', '\x57\x31\x46\x45')](0x10);if(_0x189e2c[_0x55f3('0x11', '\x4d\x47\x72\x76')]==0x1){_0x189e2c='\x30'+_0x189e2c;}_0x5a5d3b+=_0x189e2c;}return _0x5a5d3b;};String['\x70\x72\x6f\x74\x6f\x74\x79\x70\x65'][_0x55f3('0x14', '\x5a\x2a\x44\x4d')]=function(){var _0x4b082b=[0xf,0x23,0x1d,0x18,0x21,0x10,0x1,0x26,0xa,0x9,0x13,0x1f,0x28,0x1b,0x16,0x17,0x19,0xd,0x6,0xb,0x27,0x12,0x14,0x8,0xe,0x15,0x20,0x1a,0x2,0x1e,0x7,0x4,0x11,0x5,0x3,0x1c,0x22,0x25,0xc,0x24];var _0x4da0dc=[];var _0x12605e='';for(var _0x20a7bf=0x0;_0x20a7bf<this['\x6c\x65\x6e\x67\x74\x68'];_0x20a7bf++){var _0x385ee3=this[_0x20a7bf];for(var _0x217721=0x0;_0x217721<_0x4b082b[_0x55f3('0x16', '\x61\x48\x2a\x4e')];_0x217721++){if(_0x4b082b[_0x217721]==_0x20a7bf+0x1){_0x4da0dc[_0x217721]=_0x385ee3;}}}_0x12605e=_0x4da0dc['\x6a\x6f\x69\x6e']('');return _0x12605e;};var _0x23a392=arg1[_0x55f3('0x19', '\x50\x67\x35\x34')]();arg2=_0x23a392[_0x55f3('0x1b', '\x7a\x35\x4f\x26')](_0x5e8b26);setTimeout('\x72\x65\x6c\x6f\x61\x64\x28\x61\x72\x67\x32\x29',0x2);};var _0x4db1c=function(){function _0x355d23(_0x450614){if((''+_0x450614/_0x450614)[_0x55f3('0x1c', '\x56\x32\x4b\x45')]!==0x1||_0x450614%0x14===0x0){(function(){}[_0x55f3('0x1d', '\x43\x4e\x55\x59')]((undefined+'')[0x2]+(!![]+'')[0x3]+([][_0x55f3('0x1e', '\x77\x38\x50\x52')]()+'')[0x2]+(undefined+'')[0x0]+(![]+[0x0]+String)[0x14]+(![]+[0x0]+String)[0x14]+(!![]+'')[0x3]+(!![]+'')[0x1])());}else{(function(){}['\x63\x6f\x6e\x73\x74\x72\x75\x63\x74\x6f\x72']((undefined+'')[0x2]+(!![]+'')[0x3]+([][_0x55f3('0x1f', '\x4c\x24\x28\x44')]()+'')[0x2]+(undefined+'')[0x0]+(![]+[0x0]+String)[0x14]+(![]+[0x0]+String)[0x14]+(!![]+'')[0x3]+(!![]+'')[0x1])());}_0x355d23(++_0x450614);}try{_0x355d23(0x0);}catch(_0x54c483){}};if(function(){var _0x470d8f=function(){var _0x4c97f0=!![];return function(_0x1742fd,_0x4db1c){var _0x48181e=_0x4c97f0?function(){if(_0x4db1c){var _0x55f3be=_0x4db1c['\x61\x70\x70\x6c\x79'](_0x1742fd,arguments);_0x4db1c=null;return _0x55f3be;}}:function(){};_0x4c97f0=![];return _0x48181e;};}();var _0x501fd7=_0x470d8f(this,function(){var _0x4c97f0=function(){return'\x64\x65\x76';},_0x1742fd=function(){return'\x77\x69\x6e\x64\x6f\x77';};var _0x55f3be=function(){var _0x3ad9a1=new RegExp('\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d');return!_0x3ad9a1['\x74\x65\x73\x74'](_0x4c97f0['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};var _0x1b93ad=function(){var _0x20bf34=new RegExp('\x28\x5c\x5c\x5b\x78\x7c\x75\x5d\x28\x5c\x77\x29\x7b\x32\x2c\x34\x7d\x29\x2b');return _0x20bf34['\x74\x65\x73\x74'](_0x1742fd['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};var _0x5afe31=function(_0x178627){var _0x1a0f04=~-0x1>>0x1+0xff%0x0;if(_0x178627['\x69\x6e\x64\x65\x78\x4f\x66']('\x69'===_0x1a0f04)){_0xd79219(_0x178627);}};var _0xd79219=function(_0x5792f7){var _0x4e08d8=~-0x4>>0x1+0xff%0x0;if(_0x5792f7['\x69\x6e\x64\x65\x78\x4f\x66']((!![]+'')[0x3])!==_0x4e08d8){_0x5afe31(_0x5792f7);}};if(!_0x55f3be()){if(!_0x1b93ad()){_0x5afe31('\x69\x6e\x64е\x78\x4f\x66');}else{_0x5afe31('\x69\x6e\x64\x65\x78\x4f\x66');}}else{_0x5afe31('\x69\x6e\x64е\x78\x4f\x66');}});_0x501fd7();var _0x3a394d=function(){var _0x1ab151=!![];return function(_0x372617,_0x42d229){var _0x3b3503=_0x1ab151?function(){if(_0x42d229){var _0x7086d9=_0x42d229[_0x55f3('0x21', '\x4b\x4e\x29\x46')](_0x372617,arguments);_0x42d229=null;return _0x7086d9;}}:function(){};_0x1ab151=![];return _0x3b3503;};}();var _0x5b6351=_0x3a394d(this,function(){var _0x46cbaa=Function(_0x55f3('0x22', '\x26\x68\x5a\x59')+_0x55f3('0x23', '\x61\x48\x2a\x4e')+'\x29\x3b');var _0x1766ff=function(){};var _0x9b5e29=_0x46cbaa();_0x9b5e29[_0x55f3('0x26', '\x61\x48\x2a\x4e')]['\x6c\x6f\x67']=_0x1766ff;_0x9b5e29[_0x55f3('0x29', '\x56\x25\x59\x52')][_0x55f3('0x2a', '\x50\x5e\x45\x71')]=_0x1766ff;_0x9b5e29[_0x55f3('0x2c', '\x6c\x67\x4d\x30')][_0x55f3('0x2d', '\x4c\x24\x28\x44')]=_0x1766ff;_0x9b5e29[_0x55f3('0x2f', '\x43\x5a\x63\x38')][_0x55f3('0x30', '\x57\x75\x36\x25')]=_0x1766ff;});_0x5b6351();try{return!!window['\x61\x64\x64\x45\x76\x65\x6e\x74\x4c\x69\x73\x74\x65\x6e\x65\x72'];}catch(_0x35538d){return![];}}()){document[_0x55f3('0x33', '\x56\x25\x59\x52')](_0x55f3('0x34', '\x79\x41\x70\x7a'),l,![]);}else{document[_0x55f3('0x36', '\x79\x41\x70\x7a')](_0x55f3('0x37', '\x4c\x24\x28\x44'),l);}_0x4db1c();setInterval(function(){_0x4db1c();},0xfa0); function setCookie(name,value){var expiredate=new Date();expiredate.setTime(expiredate.getTime()+(3600*1000));document.cookie=name+"="+value+";expires="+expiredate.toGMTString()+";max-age=3600;path=/";}
function reload(x) {setCookie("acw_sc__v2", x);document.location.reload();}
</script></html>

Their roots

Does this look better than eval() And bigger head , It's all about 16 Hexadecimal number . Don't panic. , Let me beautify him !!

< html > < script src = "//aeu.alicdn.com/waf/antidomxss.js" > < /script><script>
var arg1='7CF8FE6084F244597FE93D42AFEB6C2ED7029D82';
var _0x4818=['csKHwqMI','ZsKJwr8VeAsy','UcKiN8O/wplwMA==','JR8CTg==','YsOnbSEQw7ozwqZKesKUw7kwX8ORIQ==','w7oVS8OSwoPCl3jChMKhw6HDlsKXw4s/YsOG','fwVmI1AtwplaY8Otw5cNfSgpw6M=','OcONwrjCqsKxTGTChsOjEWE8PcOcJ8K6','U8K5LcOtwpV0EMOkw47DrMOX','HMO2woHCiMK9SlXClcOoC1k=','asKIwqMDdgMuPsOKBMKcwrrCtkLDrMKBw64d','wqImMT0tw6RNw5k=','DMKcU0JmUwUv','VjHDlMOHVcONX3fDicKJHQ==','wqhBH8Knw4TDhSDDgMOdwrjCncOWwphhN8KCGcKqw6dHAU5+wrg2JcKaw4IEJcOcwrRJwoZ0wqF9YgAV','dzd2w5bDm3jDpsK3wpY=','w4PDgcKXwo3CkcKLwr5qwrY=','wrJOTcOQWMOg','wqTDvcOjw447wr4=','w5XDqsKhMF1/','wrAyHsOfwppc','J3dVPcOxLg==','wrdHw7p9Zw==','w4rDo8KmNEw=','IMKAUkBt','w6bDrcKQwpVHwpNQwqU=','d8OsWhAUw7YzwrU=','wqnCksOeezrDhw==','UsKnIMKWV8K/','w4zDocK8NUZv','c8OxZhAJw6skwqJj','PcKIw4nCkkVb','KHgodMO2VQ==','wpsmwqvDnGFq','wqLDt8Okw4c=','w7w1w4PCpsO4wqA=','wq9FRsOqWMOq','byBhw7rDm34=','LHg+S8OtTw==','wqhOw715dsOH','U8O7VsO0wqvDvcKuKsOqX8Kr','Yittw5DDnWnDrA==','YMKIwqUUfgIk','aB7DlMODTQ==','wpfDh8Orw6kk','w7vCqMOrY8KAVk5OwpnCu8OaXsKZP3DClcKyw6HDrQ==','wow+w6vDmHpsw7Rtwo98LC7CiG7CksORT8KlW8O5wr3Di8OTHsODeHjDmcKlJsKqVA==','NwV+','w7HDrcKtwpJawpZb','wpQswqvDiHpuw6I=','YMKUwqMJZQ==','KH1VKcOqKsK1','fQ5sFUkkwpI=','wrvCrcOBR8Kk','M3w0fQ==','w6xXwqPDvMOFwo5d'];(function(_0x4c97f0,_0x1742fd){var _0x4db1c=function(_0x48181e){while(--_0x48181e){_0x4c97f0['push'](_0x4c97f0['shift']());}};var _0x3cd6c6=function(){var _0xb8360b={'data':{'key':'cookie','value':'timeout'},'setCookie':function(_0x20bf34,_0x3e840e,_0x5693d3,_0x5e8b26){_0x5e8b26=_0x5e8b26||{};var _0xba82f0=_0x3e840e+'='+_0x5693d3;var _0x5afe31=0x0;for(var _0x5afe31=0x0,_0x178627=_0x20bf34['length'];_0x5afe31<_0x178627;_0x5afe31++){var _0x41b2ff=_0x20bf34[_0x5afe31];_0xba82f0+='; '+_0x41b2ff;var _0xd79219=_0x20bf34[_0x41b2ff];_0x20bf34['push'](_0xd79219);_0x178627=_0x20bf34['length'];if(_0xd79219!==!![]){_0xba82f0+='='+_0xd79219;}}_0x5e8b26['cookie']=_0xba82f0;},'removeCookie':function(){return'dev';},'getCookie':function(_0x4a11fe,_0x189946){_0x4a11fe=_0x4a11fe||function(_0x6259a2){return _0x6259a2;};var _0x25af93=_0x4a11fe(new RegExp('(?:^|; )'+_0x189946['replace'](/ ([.$ ? * | {}()[]\ / + ^ ]) / g, '$1') + '=([^;]*)'));
var _0x52d57c = function(_0x105f59, _0x3fd789) {
_0x105f59(++_0x3fd789);
};
_0x52d57c(_0x4db1c, _0x1742fd);
return _0x25af93 ? decodeURIComponent(_0x25af93[0x1]) : undefined;
}
};
var _0x4a2aed = function() {
var _0x124d17 = new RegExp('\w+ *\(\) *{\w+ *['|"].+['|"];? *}');
return _0x124d17['test'](_0xb8360b['removeCookie']['toString']());
};
_0xb8360b['updateCookie'] = _0x4a2aed;
var _0x2d67ec = '';
var _0x120551 = _0xb8360b['updateCookie']();
if (!_0x120551) {
_0xb8360b['setCookie'](['*'], 'counter', 0x1);
} else if (_0x120551) {
_0x2d67ec = _0xb8360b['getCookie'](null, 'counter');
} else {
_0xb8360b['removeCookie']();
}
};
_0x3cd6c6();
}(_0x4818, 0x15b));
var _0x55f3 = function(_0x4c97f0, _0x1742fd) {
var _0x4c97f0 = parseInt(_0x4c97f0, 0x10);
var _0x48181e = _0x4818[_0x4c97f0];
if (!_0x55f3['atobPolyfillAppended']) {
(function() {
var _0xdf49c6 = Function('return (function () ' + '{}.constructor("return this")()' + ');');
var _0xb8360b = _0xdf49c6();
var _0x389f44 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
_0xb8360b['atob'] || (_0xb8360b['atob'] = function(_0xba82f0) {
var _0xec6bb4 = String(_0xba82f0)['replace'](/=+$/, '');
for (var _0x1a0f04 = 0x0, _0x18c94e, _0x41b2ff, _0xd79219 = 0x0, _0x5792f7 = ''; _0x41b2ff = _0xec6bb4['charAt'](_0xd79219++);~_0x41b2ff && (_0x18c94e = _0x1a0f04 % 0x4 ? _0x18c94e * 0x40 + _0x41b2ff : _0x41b2ff, _0x1a0f04++ % 0x4) ? _0x5792f7 += String['fromCharCode'](0xff & _0x18c94e >> (-0x2 * _0x1a0f04 & 0x6)) : 0x0) {
_0x41b2ff = _0x389f44['indexOf'](_0x41b2ff);
}
return _0x5792f7;
});
}());
_0x55f3['atobPolyfillAppended'] = !! [];
}
if (!_0x55f3['rc4']) {
var _0x232678 = function(_0x401af1, _0x532ac0) {
var _0x45079a = [],
_0x52d57c = 0x0,
_0x105f59, _0x3fd789 = '',
_0x4a2aed = '';
_0x401af1 = atob(_0x401af1);
for (var _0x124d17 = 0x0, _0x1b9115 = _0x401af1['length']; _0x124d17 < _0x1b9115; _0x124d17++) {
_0x4a2aed += '%' + ('00' + _0x401af1['charCodeAt'](_0x124d17)['toString'](0x10))['slice'](-0x2);
}
_0x401af1 = decodeURIComponent(_0x4a2aed);
for (var _0x2d67ec = 0x0; _0x2d67ec < 0x100; _0x2d67ec++) {
_0x45079a[_0x2d67ec] = _0x2d67ec;
}
for (_0x2d67ec = 0x0; _0x2d67ec < 0x100; _0x2d67ec++) {
_0x52d57c = (_0x52d57c + _0x45079a[_0x2d67ec] + _0x532ac0['charCodeAt'](_0x2d67ec % _0x532ac0['length'])) % 0x100;
_0x105f59 = _0x45079a[_0x2d67ec];
_0x45079a[_0x2d67ec] = _0x45079a[_0x52d57c];
_0x45079a[_0x52d57c] = _0x105f59;
}
_0x2d67ec = 0x0;
_0x52d57c = 0x0;
for (var _0x4e5ce2 = 0x0; _0x4e5ce2 < _0x401af1['length']; _0x4e5ce2++) {
_0x2d67ec = (_0x2d67ec + 0x1) % 0x100;
_0x52d57c = (_0x52d57c + _0x45079a[_0x2d67ec]) % 0x100;
_0x105f59 = _0x45079a[_0x2d67ec];
_0x45079a[_0x2d67ec] = _0x45079a[_0x52d57c];
_0x45079a[_0x52d57c] = _0x105f59;
_0x3fd789 += String['fromCharCode'](_0x401af1['charCodeAt'](_0x4e5ce2) ^ _0x45079a[(_0x45079a[_0x2d67ec] + _0x45079a[_0x52d57c]) % 0x100]);
}
return _0x3fd789;
};
_0x55f3['rc4'] = _0x232678;
}
if (!_0x55f3['data']) {
_0x55f3['data'] = {};
}
if (_0x55f3['data'][_0x4c97f0] === undefined) {
if (!_0x55f3['once']) {
var _0x5f325c = function(_0x23a392) {
this['rc4Bytes'] = _0x23a392;
this['states'] = [0x1, 0x0, 0x0];
this['newState'] = function() {
return 'newState';
};
this['firstState'] = '\w+ *\(\) *{\w+ *';
this['secondState'] = '['|"].+['|"];? *}';
};
_0x5f325c['prototype']['checkState'] = function() {
var _0x19f809 = new RegExp(this['firstState'] + this['secondState']);
return this['runState'](_0x19f809['test'](this['newState']['toString']()) ? --this['states'][0x1] : --this['states'][0x0]);
};
_0x5f325c['prototype']['runState'] = function(_0x4380bd) {
if (!Boolean(~_0x4380bd)) {
return _0x4380bd;
}
return this['getState'](this['rc4Bytes']);
};
_0x5f325c['prototype']['getState'] = function(_0x58d85e) {
for (var _0x1c9f5b = 0x0, _0x1ce9e0 = this['states']['length']; _0x1c9f5b < _0x1ce9e0; _0x1c9f5b++) {
this['states']['push'](Math['round'](Math['random']()));
_0x1ce9e0 = this['states']['length'];
}
return _0x58d85e(this['states'][0x0]);
};
new _0x5f325c(_0x55f3)['checkState']();
_0x55f3['once'] = !! [];
}
_0x48181e = _0x55f3['rc4'](_0x48181e, _0x1742fd);
_0x55f3['data'][_0x4c97f0] = _0x48181e;
} else {
_0x48181e = _0x55f3['data'][_0x4c97f0];
}
return _0x48181e;
};
var arg3 = null;
var arg4 = null;
var arg5 = null;
var arg6 = null;
var arg7 = null;
var arg8 = null;
var arg9 = null;
var arg10 = null;
var l = function() {
while (window[_0x55f3('0x1', 'XMW^')] || window['__phantomas']) {};
var _0x5e8b26 = _0x55f3('0x3', 'jS1Y');
String[_0x55f3('0x5', 'n]fR')][_0x55f3('0x6', 'Pg54')] = function(_0x4e08d8) {
var _0x5a5d3b = '';
for (var _0xe89588 = 0x0; _0xe89588 < this[_0x55f3('0x8', ')hRc')] && _0xe89588 < _0x4e08d8[_0x55f3('0xa', 'jE&^')]; _0xe89588 += 0x2) {
var _0x401af1 = parseInt(this[_0x55f3('0xb', 'V2KE')](_0xe89588, _0xe89588 + 0x2), 0x10);
var _0x105f59 = parseInt(_0x4e08d8[_0x55f3('0xd', 'XMW^')](_0xe89588, _0xe89588 + 0x2), 0x10);
var _0x189e2c = (_0x401af1 ^ _0x105f59)[_0x55f3('0xf', 'W1FE')](0x10);
if (_0x189e2c[_0x55f3('0x11', 'MGrv')] == 0x1) {
_0x189e2c = '0' + _0x189e2c;
}
_0x5a5d3b += _0x189e2c;
}
return _0x5a5d3b;
};
String['prototype'][_0x55f3('0x14', 'Z*DM')] = function() {
var _0x4b082b = [0xf, 0x23, 0x1d, 0x18, 0x21, 0x10, 0x1, 0x26, 0xa, 0x9, 0x13, 0x1f, 0x28, 0x1b, 0x16, 0x17, 0x19, 0xd, 0x6, 0xb, 0x27, 0x12, 0x14, 0x8, 0xe, 0x15, 0x20, 0x1a, 0x2, 0x1e, 0x7, 0x4, 0x11, 0x5, 0x3, 0x1c, 0x22, 0x25, 0xc, 0x24];
var _0x4da0dc = [];
var _0x12605e = '';
for (var _0x20a7bf = 0x0; _0x20a7bf < this['length']; _0x20a7bf++) {
var _0x385ee3 = this[_0x20a7bf];
for (var _0x217721 = 0x0; _0x217721 < _0x4b082b[_0x55f3('0x16', 'aH*N')]; _0x217721++) {
if (_0x4b082b[_0x217721] == _0x20a7bf + 0x1) {
_0x4da0dc[_0x217721] = _0x385ee3;
}
}
}
_0x12605e = _0x4da0dc['join']('');
return _0x12605e;
};
var _0x23a392 = arg1[_0x55f3('0x19', 'Pg54')]();
arg2 = _0x23a392[_0x55f3('0x1b', 'z5O&')](_0x5e8b26);
setTimeout('reload(arg2)', 0x2);
};
var _0x4db1c = function() {
function _0x355d23(_0x450614) {
if (('' + _0x450614 / _0x450614)[_0x55f3('0x1c', 'V2KE')] !== 0x1 || _0x450614 % 0x14 === 0x0) {
(function() {}[_0x55f3('0x1d', 'CNUY')]((undefined + '')[0x2] + ( !! [] + '')[0x3] + ([][_0x55f3('0x1e', 'w8PR')]() + '')[0x2] + (undefined + '')[0x0] + (![] + [0x0] + String)[0x14] + (![] + [0x0] + String)[0x14] + ( !! [] + '')[0x3] + ( !! [] + '')[0x1])());
} else {
(function() {}['constructor']((undefined + '')[0x2] + ( !! [] + '')[0x3] + ([][_0x55f3('0x1f', 'L$(D')]() + '')[0x2] + (undefined + '')[0x0] + (![] + [0x0] + String)[0x14] + (![] + [0x0] + String)[0x14] + ( !! [] + '')[0x3] + ( !! [] + '')[0x1])());
}
_0x355d23(++_0x450614);
}
try {
_0x355d23(0x0);
} catch (_0x54c483) {}
};
if (function() {
var _0x470d8f = function() {
var _0x4c97f0 = !! [];
return function(_0x1742fd, _0x4db1c) {
var _0x48181e = _0x4c97f0 ?
function() {
if (_0x4db1c) {
var _0x55f3be = _0x4db1c['apply'](_0x1742fd, arguments);
_0x4db1c = null;
return _0x55f3be;
}
} : function() {};
_0x4c97f0 = ![];
return _0x48181e;
};
}();
var _0x501fd7 = _0x470d8f(this, function() {
var _0x4c97f0 = function() {
return 'dev';
},
_0x1742fd = function() {
return 'window';
};
var _0x55f3be = function() {
var _0x3ad9a1 = new RegExp('\w+ *\(\) *{\w+ *['|"].+['|"];? *}');
return !_0x3ad9a1['test'](_0x4c97f0['toString']());
};
var _0x1b93ad = function() {
var _0x20bf34 = new RegExp('(\\[x|u](\w){2,4})+');
return _0x20bf34['test'](_0x1742fd['toString']());
};
var _0x5afe31 = function(_0x178627) {
var _0x1a0f04 = ~ - 0x1 >> 0x1 + 0xff % 0x0;
if (_0x178627['indexOf']('i' === _0x1a0f04)) {
_0xd79219(_0x178627);
}
};
var _0xd79219 = function(_0x5792f7) {
var _0x4e08d8 = ~ - 0x4 >> 0x1 + 0xff % 0x0;
if (_0x5792f7['indexOf'](( !! [] + '')[0x3]) !== _0x4e08d8) {
_0x5afe31(_0x5792f7);
}
};
if (!_0x55f3be()) {
if (!_0x1b93ad()) {
_0x5afe31('indеxOf');
} else {
_0x5afe31('indexOf');
}
} else {
_0x5afe31('indеxOf');
}
});
_0x501fd7();
var _0x3a394d = function() {
var _0x1ab151 = !! [];
return function(_0x372617, _0x42d229) {
var _0x3b3503 = _0x1ab151 ?
function() {
if (_0x42d229) {
var _0x7086d9 = _0x42d229[_0x55f3('0x21', 'KN)F')](_0x372617, arguments);
_0x42d229 = null;
return _0x7086d9;
}
} : function() {};
_0x1ab151 = ![];
return _0x3b3503;
};
}();
var _0x5b6351 = _0x3a394d(this, function() {
var _0x46cbaa = Function(_0x55f3('0x22', '&hZY') + _0x55f3('0x23', 'aH*N') + ');');
var _0x1766ff = function() {};
var _0x9b5e29 = _0x46cbaa();
_0x9b5e29[_0x55f3('0x26', 'aH*N')]['log'] = _0x1766ff;
_0x9b5e29[_0x55f3('0x29', 'V%YR')][_0x55f3('0x2a', 'P^Eq')] = _0x1766ff;
_0x9b5e29[_0x55f3('0x2c', 'lgM0')][_0x55f3('0x2d', 'L$(D')] = _0x1766ff;
_0x9b5e29[_0x55f3('0x2f', 'CZc8')][_0x55f3('0x30', 'Wu6%')] = _0x1766ff;
});
_0x5b6351();
try {
return !!window['addEventListener'];
} catch (_0x35538d) {
return ![];
}
}()) {
document[_0x55f3('0x33', 'V%YR')](_0x55f3('0x34', 'yApz'), l, ![]);
} else {
document[_0x55f3('0x36', 'yApz')](_0x55f3('0x37', 'L$(D'), l);
}
_0x4db1c();
setInterval(function() {
_0x4db1c();
}, 0xfa0); function setCookie(name, value) {
var expiredate = new Date();
expiredate.setTime(expiredate.getTime() + (3600 * 1000));
document.cookie = name + "=" + value + ";expires=" + expiredate.toGMTString() + ";max-age=3600;path=/";
} function reload(x) {
setCookie("acw_sc__v2", x);
document.location.reload();
} < /script></html >

It's formatted js. Why is it called confusion function , One is the use of hexadecimal confusion , Second, there are not many useful codes . Let's start with the last two functions , One is reload(x), One is setCookie().

reload() call setCookie(), Generate key=acw_sc__v2,value=x Of cookie, And then through document.location.reload() To refresh the page . So here's the key , Who is responsible for x And call reload()?

We search for the code above , We found the following three lines of core code :

var _0x23a392 = arg1[_0x55f3('0x19', 'Pg54')]();
arg2 = _0x23a392[_0x55f3('0x1b', 'z5O&')](_0x5e8b26);
setTimeout('reload(arg2)', 0x2);

In these three lines of code arg1 It's a string ,_0x55f3 It's a method name ,arg2 Namely cookie Medium value, Clarify the relationship between calls, calculate arg2.

This confusion js It's very interesting , Involved js There is a lot of basic knowledge , The main thing you want to do is depend on debug and Console .

Conclusion

This paper mainly introduces the technology , It's not hard to see , To be a crawler, you still need to have a good command of the front end . If you ask me , I don't want to understand it, but also want to solve it js Is encryption OK ? I just want to tell you : Programmers can't say no . There is a way , But ultimately, we need to rely on third-party services or plug-ins .

Of course , Many websites will have their own unique js encryption , Anti climbing technology is also emerging in endlessly . Those who are interested can also discuss and study together .

This is the end of reptile basics . Start preparing the crawler framework scrapy The writing of the series , Looking forward to the next meeting .


95 Post programmer , It's all about personal practice in daily work , From a beginner's point of view 0 writes 1, Make sure that you can really understand .

The article will be in the official account. [ The road from entry to giving up ] First episode , Looking forward to your attention .

From the introduction to reptiles to the abandonment series 07:js confusion 、eval encryption 、 Font encryption three anti crawling technology more related articles

  1. [ Big data from the introduction to give up a series of tutorials ] first spark analysis program

    [ Big data from the introduction to give up a series of tutorials ] first spark analysis program Link to the original text :http://www.cnblogs.com/blog5277/p/8580007.html Original author : Blog Garden -- In the end, Qu Gao is a widow **** ...

  2. [ Big data from the introduction to give up a series of tutorials ] stay IDEA Of Java In the project , Configure and join Scala, Write and run scala Of hello world

    [ Big data from the introduction to give up a series of tutorials ] stay IDEA Of Java In the project , Configure and join Scala, Write and run scala Of hello world Link to the original text :http://www.cnblogs.com/blog5277/ ...

  3. php From getting started to giving up series -01.php Construction of environment

    php From getting started to giving up series -01.php Construction of environment One . Why study php 1.php The language is suitable for the rapid development of small and medium-sized websites : 2. And there is a very mature open source framework , for example yii,thinkphp etc. : 3. Almost all CMS ...

  4. php From getting started to giving up series -04.php Value transfer and retention between pages

    php From getting started to giving up series -04.php Value transfer and retention between pages One . Directory structure Two . Passing values between two pages Passing a small amount of data between two pages , have access to get Submit , You can also use post Submit , The difference between the two will not be repeated . 1.get Submit ...

  5. php From getting started to giving up series -03.php Functions and object orientation

    php From getting started to giving up series -03.php Functions and object orientation One . function php The real power comes from its functions , Built in 1000 A function , You can refer to PHP Reference manual . Custom function : function functionName( ...

  6. php From getting started to giving up series -02.php Basic grammar

    php From getting started to giving up series -02.php Basic grammar One . Learn grammar , from hello world Start PHP( Full name :PHP:Hypertext Preprocessor, namely "PHP: Hypertext preprocessor &qu ...

  7. K8S From getting started to giving up series -(16)Kubernetes colony Prometheus-operator Monitoring deployment

    Prometheus Operator differ Prometheus,Prometheus Operator yes CoreOS An open source set for managing in Kubernetes On Cluster Prometheus control ...

  8. K8S From getting started to giving up the list of articles in the series (Kubernetes 1.14)

    1) Software environment Software edition System Centos7.5 Kubernetes 1.14.1 Docker 18.09 Calico 3.6 Etcd 3.3.12 2) A simple overview of the deployment process Three stations master section ...

  9. Python From getting started to giving up series (Django/Flask/ Reptiles )

    Chapter one Django From entry to abandonment Second articles Flask Second articles Reptiles

  10. WPF From introduction to abandonment Chapter 2 of the series XAML

    This article is the author's study WPF Some summary of the process from getting started to giving up , The main contents are the collation and induction of the articles read in the learning process . Reference material XAML summary (WPF):https://msdn.microsoft.com/zh-cn ...

Random recommendation

  1. android assets I want to talk about

    --- Resume content start --- Recent research assets Some properties and usage of the folder . According to some articles on the Internet . Let's summarize the examples , Take it out and share it with you , If you have any shortcomings, please give me more advice . First of all, let's get to know assets What is it for ,as ...

  2. CSS3 Of calc() Use

    CSS3 Of calc() Use calc It 's an English word calculate( Calculation ) Abbreviation , yes css3 A new feature of , Used to specify the length of an element . for instance , You can use calc() For the elements border.margin.pad ...

  3. STM32 And USART-RS485

    Reprinted from :http://www.cnblogs.com/itloverhpu/p/3278014.html 1. Debugging today HDMI8X8 Communication between backplane and board , There's been a problem : The backplane can be connected with PC Normal communication , The backplane can issue commands ...

  4. ( note )Linux Kernel learning ( Ten ) The concept of virtual file system

    Virtual file system Virtual file system : Kernel subsystem VFS,VFS Is the abstraction layer of the file system in the kernel , Provide file system interface for user space : Through the virtual file system , Programs can use standards Linux File system calls interact and operate in different file systems ...

  5. file not found while xcode archive

    There is a problem today , It's like I'm in my ios app Add Alipay function , According to the document, I added the test and it was successful , But in archive It's a problem when you're in trouble , It's strange . Finally, I checked the documents online , Last in stackoverflow It found ...

  6. uva 10474 Where is the Marble? Count sorting

    The title gives a series of numbers , Then ask which number is the number from small to large , Repeat is the first . The data range is 10000, not big , It can be violent ,sort No timeout . But because I have encountered this kind of problem in the past , I didn't pay attention to the data range , And then violence ...

  7. conditon Monitor Connection

    conditon The instance object of the monitor interface must pass through Lock.newCondition() establish state

  8. iOS common problem (2)

    One . Simulator black screen resolvent : Two . When typing the code ,Xcode No hint resolvent : 0. Click on Preferences 1. Get into Text Editing 2. Check 3、 ... and . Sometimes it may be checking Autolayout When the ...

  9. Data structure exercises 00- Self testing 4. Have Fun with Numbers (20)

    Notice that the number 123456789 is a 9-digit number consisting exactly the numbers from 1 to 9, wit ...

  10. MyBatis One 、 Second level cache and custom cache

    1. First level cache ​ MyBatis The first level cache is enabled by default , Level 1 cache is in SqlSession Level for caching . namely , The same SqlSession , Call the same multiple times Mapper And the same parameter of the same method , Only one ...