Obfuscated Javascript In An Exploit Kit Using Array's Constructor

August 03, 2023 Post a Comment

I noticed some obfuscated Javascript in an Exploit Kit > a = []['constructor'] Array() { [native code] } > b = a['constructor'] Function() { [native code] } > b('console.l

Solution 1:

[].constructor.constructor("console.log('a');")()

a

SO.. what is this?

[].constructor.constructor

Function() { [native code] }

Ahha... so it is just a way to invoke the Function constructor, which takes a string to eval... then the final parens invoke it.

Function("console.log('a')")()  // Works withorwithout `new`

a

Solution 2:

You can enter [].constructor.constructor into any JS console and find out for yourself.

Baca Juga

Trackballcontrols.js: This.domelement.addeventlistener Is Not A Function
Using Javascript Instead Iframe Source?
Sort By Image Resolution In Gallery

[].constructor
  -> Array() { [native code] }
[].constructor.constructor
  -> Function() { [native code] }
[].constructor.constructor("console.log('a');")()
 -> a

JavaScript Free

Obfuscated Javascript In An Exploit Kit Using Array's Constructor

Solution 1:

Solution 2:

Post a Comment for "Obfuscated Javascript In An Exploit Kit Using Array's Constructor"