Recursive Obfuscation

Thanks to Jonathan Ness for pointing me to an example of a new obfuscation technique that attempts to thwart the eval() à alert() trick.Take a look at the following obfuscation script: 1  <script> 2  function N(F,D) 3  { 4     if (!D) D = ‘ “#%()-./012348:;<=>@ACEGHILMOPRTVWY\\]_abcdefghijlmnopqrstuvwxyz’; 5   6     var f; 7     var V=”; 8   9     for (var c=0;c<F.length;c+=arguments.callee.toString().length-380)10     {11          …

0

High-bit ASCII obfuscation

Here’s another new obfuscation technique I’ve seen in use on malicious web sites recently.  Check out the following HTML:<html><meta http-equiv=content-type content=’text/html; charset=us-ascii’></head><body>¼óãòéðô¾áìåòô¨¢Ôèéó éó óïíå ïâæõóãáôåä óãòéðô¡¢©»¼¯óãòéðô¾</body></html> Those funny characters are actually standard ASCII characters with the high-bit of each byte set.  If the high-bit ASCII managed to get posted properly to this blog without getting mangled, you should be able…

1