在C#中执行JavaScript

Executing JavaScript in C#

本文关键字:JavaScript 执行      更新时间:2024-04-22

我正试图通过用C#代码重新创建逻辑来在后端执行以下JavaScript。我试图获得"sucuri_cloudproxy_js"cookie以访问网络内容,但为了获得该cookie,您必须执行该JavaScript。在C#中执行javascript最有效的方法是什么?非常感谢。

var s = {},
u, c, U, r, i, l = 0,
a, e = eval,
w = String.fromCharCode,
sucuri_cloudproxy_js = '',
S = 'dj0nd0U3Jy5jaGFyQXQoMikrU3RyaW5nLmZyb21DaGFyQ29kZSg5OSkgKyAiIiArIjZzdSIuc2xpY2UoMCwxKSArICI5c3UiLnNsaWNlKDAsMSkgKyAnNScgKyAgIjUiICsgImZzZWMiLnN1YnN0cigwLDEpICsgIjNzdWN1ciIuY2hhckF0KDApKyAnJyArIAoiMyIgKyAiIiArImQiLnNsaWNlKDAsMSkgKyAgJycgKyIwc3UiLnNsaWNlKDAsMSkgKyAgJycgKydlJyArICAiYyIgKyAiIiArImJzdWN1ciIuY2hhckF0KDApK1N0cmluZy5mcm9tQ2hhckNvZGUoMHgzMikgKyAgJycgKycnKydlJyArICAiOCIuc2xpY2UoMCwxKSArICAnJyArJ2ZLNycuY2hhckF0KDIpKydANCcuc2xpY2UoMSwyKSsiIiArImQiICsgICcnICsgCiJiIiArICI5IiArICAnJyArJycrU3RyaW5nLmZyb21DaGFyQ29kZSg1NCkgKyAiYiIgKyAgJycgKyAKIjYiICsgJzAnICsgICIiICsiNyIgKyAnb01kJy5jaGFyQXQoMikrImFzZWMiLnN1YnN0cigwLDEpICsgU3RyaW5nLmZyb21DaGFyQ29kZSg0OSkgKyAgJycgKycnKyc4JyArICAiZHNlYyIuc3Vic3RyKDAsMSkgKyAnJztkb2N1bWVudC5jb29raWU9J3NzdWMnLmNoYXJBdCgwKSsgJ3VzdWMnLmNoYXJBdCgwKSsgJ2MnKyd1JysncicrJ2knKydfJysnYycuY2hhckF0KDApKydsc3UnLmNoYXJBdCgwKSArJ3N1Y3VybycuY2hhckF0KDUpICsgJ3UnKydzdWN1cmQnLmNoYXJBdCg1KSArICdwc3VjdXInLmNoYXJBdCgwKSsgJ3InKydvJysneHN1Y3VyJy5jaGFyQXQoMCkrICd5Jy5jaGFyQXQoMCkrJ18nKycnKyd1c3VjdXInLmNoYXJBdCgwKSsgJ3N1Jy5jaGFyQXQoMSkrJ2knKycnKydkJysnX3MnLmNoYXJBdCgwKSsnM3N1Y3UnLmNoYXJBdCgwKSAgKycwJysnZCcrJzEnLmNoYXJBdCgwKSsnOXN1Y3UnLmNoYXJBdCgwKSAgKydzdTknLmNoYXJBdCgyKSsnc3VjdXIzJy5jaGFyQXQoNSkgKyAnYXN1Y3VyaScuY2hhckF0KDApICsgJ2YnKyI9IiArIHY7IGxvY2F0aW9uLnJlbG9hZCgpOw==';
L = S.length;
U = 0;
r = '';
var A = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
for (u = 0; u < 64; u++) {
    s[A.charAt(u)] = u;
}
for (i = 0; i < L; i++) {
c = s[S.charAt(i)];
U = (U << 6) + c;
l += 6;
    while (l >= 8) {
    ((a = (U >>> (l -= 8)) & 0xff) || (i < (L - 2))) && (r += w(a));
    }
}
e(r);

这看起来像某种base64解码算法。C#中有内置的base64解码器,您可以尝试。或者,如果"S"从未更改,您可以用javascript执行它,并将结果放入C#程序中。

在javascript控制台中执行此操作:

var s = {},
u, c, U, r, i, l = 0,
a, e = eval,
w = String.fromCharCode,
sucuri_cloudproxy_js = '',
S = 'dj0nd0U3Jy5jaGFyQXQoMikrU3RyaW5nLmZyb21DaGFyQ29kZSg5OSkgKyAiIiArIjZzdSIuc2xpY2UoMCwxKSArICI5c3UiLnNsaWNlKDAsMSkgKyAnNScgKyAgIjUiICsgImZzZWMiLnN1YnN0cigwLDEpICsgIjNzdWN1ciIuY2hhckF0KDApKyAnJyArIAoiMyIgKyAiIiArImQiLnNsaWNlKDAsMSkgKyAgJycgKyIwc3UiLnNsaWNlKDAsMSkgKyAgJycgKydlJyArICAiYyIgKyAiIiArImJzdWN1ciIuY2hhckF0KDApK1N0cmluZy5mcm9tQ2hhckNvZGUoMHgzMikgKyAgJycgKycnKydlJyArICAiOCIuc2xpY2UoMCwxKSArICAnJyArJ2ZLNycuY2hhckF0KDIpKydANCcuc2xpY2UoMSwyKSsiIiArImQiICsgICcnICsgCiJiIiArICI5IiArICAnJyArJycrU3RyaW5nLmZyb21DaGFyQ29kZSg1NCkgKyAiYiIgKyAgJycgKyAKIjYiICsgJzAnICsgICIiICsiNyIgKyAnb01kJy5jaGFyQXQoMikrImFzZWMiLnN1YnN0cigwLDEpICsgU3RyaW5nLmZyb21DaGFyQ29kZSg0OSkgKyAgJycgKycnKyc4JyArICAiZHNlYyIuc3Vic3RyKDAsMSkgKyAnJztkb2N1bWVudC5jb29raWU9J3NzdWMnLmNoYXJBdCgwKSsgJ3VzdWMnLmNoYXJBdCgwKSsgJ2MnKyd1JysncicrJ2knKydfJysnYycuY2hhckF0KDApKydsc3UnLmNoYXJBdCgwKSArJ3N1Y3VybycuY2hhckF0KDUpICsgJ3UnKydzdWN1cmQnLmNoYXJBdCg1KSArICdwc3VjdXInLmNoYXJBdCgwKSsgJ3InKydvJysneHN1Y3VyJy5jaGFyQXQoMCkrICd5Jy5jaGFyQXQoMCkrJ18nKycnKyd1c3VjdXInLmNoYXJBdCgwKSsgJ3N1Jy5jaGFyQXQoMSkrJ2knKycnKydkJysnX3MnLmNoYXJBdCgwKSsnM3N1Y3UnLmNoYXJBdCgwKSAgKycwJysnZCcrJzEnLmNoYXJBdCgwKSsnOXN1Y3UnLmNoYXJBdCgwKSAgKydzdTknLmNoYXJBdCgyKSsnc3VjdXIzJy5jaGFyQXQoNSkgKyAnYXN1Y3VyaScuY2hhckF0KDApICsgJ2YnKyI9IiArIHY7IGxvY2F0aW9uLnJlbG9hZCgpOw==';
L = S.length;
U = 0;
r = '';
var A = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
for (u = 0; u < 64; u++) {
    s[A.charAt(u)] = u;
}
for (i = 0; i < L; i++) {
c = s[S.charAt(i)];
U = (U << 6) + c;
l += 6;
    while (l >= 8) {
    ((a = (U >>> (l -= 8)) & 0xff) || (i < (L - 2))) && (r += w(a));
    }
}
r;

给出:

v='wE7'.charAt(2)+String.fromCharCode(99) + "" +"6su".slice(0,1) + "9su".slice(0,1) + '5' +  "5" + "fsec".substr(0,1) + "3sucur".charAt(0)+ '' + 
"3" + "" +"d".slice(0,1) +  '' +"0su".slice(0,1) +  '' +'e' +  "c" + "" +"bsucur".charAt(0)+String.fromCharCode(0x32) +  '' +''+'e' +  "8".slice(0,1) +  '' +'fK7'.charAt(2)+'@4'.slice(1,2)+"" +"d" +  '' + 
"b" + "9" +  '' +''+String.fromCharCode(54) + "b" +  '' + 
"6" + '0' +  "" +"7" + 'oMd'.charAt(2)+"asec".substr(0,1) + String.fromCharCode(49) +  '' +''+'8' +  "dsec".substr(0,1) + '';document.cookie='ssuc'.charAt(0)+ 'usuc'.charAt(0)+ 'c'+'u'+'r'+'i'+'_'+'c'.charAt(0)+'lsu'.charAt(0) +'sucuro'.charAt(5) + 'u'+'sucurd'.charAt(5) + 'psucur'.charAt(0)+ 'r'+'o'+'xsucur'.charAt(0)+ 'y'.charAt(0)+'_'+''+'usucur'.charAt(0)+ 'su'.charAt(1)+'i'+''+'d'+'_s'.charAt(0)+'3sucu'.charAt(0)  +'0'+'d'+'1'.charAt(0)+'9sucu'.charAt(0)  +'su9'.charAt(2)+'sucur3'.charAt(5) + 'asucuri'.charAt(0) + 'f'+"=" + v; location.reload();

去掉location.reload并执行它,结果是一个字符串:

"sucuri_cloudproxy_uuid_30d1993af=7c6955f33d0ecb2e874db96b607da18d"

所有这些最初都是通过eval函数传递的,所以最后,我猜你想要7c。。。18d,或者可能与uuid变量有关。

如果S发生变化,那么您需要对整个过程进行逆向工程,或者找到一种利用服务器端工具执行javascript的方法。也许你可以使用类似phantomjs的东西。

添加到Mark Evaul的答案中,cookie内容应通过引用在控制器代码中可用:

Request.Cookies["sucuri_cloudproxy_js"].Value

您可以对该值运行替换算法来解码cookie的值。

相关文章: