What does this anti-roboe code in Javascript do?

Asked

Viewed 8,418 times

11

What this anti-roboe code in Javascript does? 

<html><head></head><body onload="challenge();">
<script>
eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('1 6(){2.3=\'4=5; 0-7=8; 9=/\';a.b.c()}',13,13,'max|function|document|cookie|Anti-Robot|ee2c23967cffbc6dff69153929fd8155017def99|challenge|age|86400|path|window|location|reload'.split('|'),0,{}))
</script>
</body></html>

A few weeks ago I saw an argument about Parse websites where one of the members posted this code anti-robo it was also reported that the software used by him during the process was an exorbitant time trying to download a single page and at the end there was only this anti-roboe code and no content of the desired page, unfortunately I no longer have the link neither the discussion nor the website whose page has this anti-roboe.

Obs: It was reported that he was using the software Phantomjs configured with a user-agent (what in theory should make it look like Chrome/firefox).

Obs2: This is the original code formatting

javascript scraping

  • is only encoded... there are several websites that decode returning the result compiled by function Eval(). Do it yourself on this site and see what it returns: http://www.strictly-software.com/unpacker

  • @Danielomine could not do unpack, I would like an explanation of the same code.

1 answer

14


The original code is:

function challenge() {
    document.cookie = 'Anti-Robot=ee2c23967cffbc6dff69153929fd8155017def99; max-age=86400; path=/';
    window.location.reload()
}

It basically defines the cookie Anti-Robot and then refresh the page.

Probably the cookie is used later checked on the server to prevent a form from being submitted or a request being made by automated scripts.

Maybe the value of the cookie is invalidated with each request and generated again, as a type token with limited duration. This is a common technique in several frameworks of different languages to avoid requests duplicates (user clicks twice on button, browser makes 2 submits, but the second is ignored by the server because the token was already used in the first request) and some security holes.

However, you would need to evaluate the code in context to be sure.

  • how did I get this result? how does the browser get this result?

  • 1

    @Ricardohenrique To decompile I used the unpacker that Daniel Omine suggested. You need to paste there only the line of Eval. Already the browser performs what is inside the Eval and there has a function that decodes the code.

Browser other questions tagged javascript scraping

You are not signed in. Login or sign up in order to post.