Can someone help me decode this?

[Brizz]

I'd like to actually learn...and be able to reencode, can someone help?

Javascript Obfuscated:

http://pastie.org/1520811


Thanks!!

[austn]

i just added a document.write to print it...

Code:

<script>
document.write(String.fromCharCode(102,117,110,9..blahblahblah");
</script>

result:

Code:

function _49rsues(s){ st = s.split(","); d = ""; for(i = 0;i < st.length; i++){ d += String.fromCharCode(st[i] - 11); } eval(d); }

$5 pls

[pbgettfo]

beat to it

[Brizz]

thanks dude...if i make some money off of it, ill give u more than $5

[Brizz]

im still newb as hell--what do i do with that second part?, need the entire thing decoded?


...or should i be able to figure this shit out?

(COMPLETE newb to this shit)


I see that doc.write results IN ONLY the code you presented...but it does a LOT....how can I get all of it decoded?

[Brizz]

can i doc.write eval(d); } or something?

[Brizz]

Please help! Some major money to be made....I'll split with anyone who helps me out.

[_Krink]

Everywhere where there is a eval statement just replace it with document.write or alert and you will see whats going down.

[Synja]

Obfuscated code in any language has to be translated at least partially in order to run. All you have to do is allow it to run whatever de-obfuscation method it uses and simply look at what it spits out.

Same with encrypted malware. Once you have it running, it has to decrypt itself before it can run the encrypted/obfuscated portion, you simply need to look at it at the proper point in the execution.

can i doc.write eval(d); } or something?

I don't have much knowledge of JS, but yes, anywhere it's evaluating the obfuscated portion, you can doc write with the syntax presented above.