nb_es002.html : !Impressions! PageParser Revealed

'; document.writeln(my_chunk); } } // -->

	<a target="_top" href="http://ad.doubleclick.net/jump/fc.us468/member/tech;abr=!ie;s1=m;s3=tech;pos=1;tag=i;sz=468x60;mtile=1;ord=2001?"><img src="http://ad.doubleclick.net/ad/fc.us468/member/tech;abr=!ie;s1=m;s3=tech;pos=1;tag=i;sz=468x60;mtile=1;ord=2001?" border=0 height="60" width="468"></a>

<A HREF="http://ad.doubleclick.net/jump/fc.us88/member/tech;abr=!ie;s1=m;s3=tech;pos=2;tag=i;sz=88x31;mtile=2; ord=3100?"><IMG SRC="http://ad.doubleclick.net/ad/fc.us88/member/tech;abr=!ie;s1=m;s3=tech;pos=2;tag=i;sz=88x31;mtile=2; ord=3100?" height=31 width=88 border=0></A>

<A HREF="http://ad.doubleclick.net/jump/fc.us88/member/tech;abr=!ie;s1=m;s3=tech;pos=3;tag=i;sz=88x31;mtile=3; ord=3101?"><IMG SRC="http://ad.doubleclick.net/ad/fc.us88/member/tech;abr=!ie;s1=m;s3=tech;pos=3;tag=i;sz=88x31;mtile=3; ord=3101?" height=31 width=88 border=0></A>

--> nb_es002.html : !Impressions! PageParser Revealed


!Impressions! PageParser Revealed	Hyper Java-script

-Sp!ke October 1999

!Impressions! PageParser is a nice example of obfuscation. Whilst the altered page is not really encrypted it is damned hard to read. The decryption technique is once again all too simple to get around, although it does require a little 'work' to find the right way to do it. I am not going to explain how as this has been fully covered in my previous essays:

CENSORED.htmReversing a simple JS page protection: censored this link just because this page is on +Fravias "hidden" js-pages
and
Reversing JS self decoding, page protections (A Generic Decoder):

What have they done?
!Impressions! have made use of the javascript escape & unescape functions these return the hexadecimal encoding of an argument in the ISO-Latin-1 character set and the ASCII string for the specified hexadecimal encoding value respectively.
For example:
The following example returns "&":
unescape("%26")
The following example returns "!#":
unescape("%21%23")
And this example of the escape function:
escape("The_rain. In Spain, Ma'am")
returns the following:
"The_rain.%20In%20Spain%2C%20Ma%92am"

Taking the last example you can see if get a whole web page and convert every ISO-Latin-1 character into it's hexadecimal equivalent, and also strip all line feeds, you end up with a right old mess!
Of course it's not just a simple matter of converting these values and dropping them onto your html page, as an amount of processing has to be done to pass them to the unescape function.
(Otherwise you will just see garbage)
As before however the whole obfuscation is let down for the simple reason that to pass the 'clear' text to the screen you have to use the document.write function. Yes, that's the hint ;)

Finally, if +Fravia approves, you will find here the complete un-obfuscated source to the online Pageparser, useable (online only) at
http:// www.ozemail.com.au/~jbp/impressions/pageparse2.html

Ob Duh

I wont even bother explaining you that you should BUY this target program if you intend to use it for a longer period than the allowed one. Should you want to STEAL this software instead, you don't need to crack its protection scheme at all: you'll find it on most Warez sites, complete and already regged, farewell.

choose your way out:

Fravia's (frozen) homepage

The Seeker's homepage

The javascript workshop

What's new