Question
I'm trying to 'disassemble' javascript code that is sending spam to places. It is using eval() to run parts of the code from an obfuscated string.
My question is: what can I use to check what commands are actually running through the interpreter? Trying to undo evals "by hand" is quite tedious.
Here is the code I'm struggling with:
https://stackoverflow.com/questions/23582583
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianeval(function (p, a, c, k, e, d) {
e = function (c) {
return (c35 ? String.fromCharCode(c + 29) : c.toString(36));
}
while (c--) {
if (k[c]) {
p = p.replace(new RegExp('\\b' + e(c) + '\\b', 'g'), k[c]);
}
}
return p;
}('//loooong encrypted part here//'.split(|)))
Solution
Like minitech said, console.log("There is an error here").
You can check for the message by using the Javascript console. If you are on Google Chrome, Menu -> Tools -> Javascript Console. Or Ctrl Shift J.
The old, traditional method would be to use alert("Error!"). Not recommended, but you can use it if you find delight in immediate response.
OTHER TIPS
Replace eval with console.log. Repeat.
