I found this javascript very strange, when I run on my console browser it gives me an alert with the following message
'Always be wary of Javascript containing quotes. No quotes = safe!'
I am very curious about it (really doesn't even know if this is a thing, is it useful for something?)
If any of you would like to share knowledge about this kind of "techniques" I will totally appreciate! :)
for(A in {A󠅬󠅷󠅡󠅹󠅳󠄠󠅢󠅥󠄠󠅷󠅡󠅲󠅹󠄠󠅯󠅦󠄠󠅊󠅡󠅶󠅡󠅳󠅣󠅲󠅩󠅰󠅴󠄠󠅣󠅯󠅮󠅴󠅡󠅩󠅮󠅩󠅮󠅧󠄠󠅱󠅵󠅯󠅴󠅥󠅳󠄮󠄠󠅎󠅯󠄠󠅱󠅵󠅯󠅴󠅥󠅳󠄠󠄽󠄠󠅳󠅡󠅦󠅥󠄡:0}){alert(unescape(escape(A).replace(/u.{8}/g,[])))};
This is explained in detail on this blog post: https://www.stefanjudis.com/blog/hidden-messages-in-javascript-property-names/
The main "trick" to this snippet is that there are lots of invisible unicode characters between the {
and the A
here:
{A󠅬󠅷󠅡󠅹󠅳󠄠󠅢󠅥󠄠󠅷󠅡󠅲󠅹󠄠󠅯󠅦󠄠󠅊󠅡󠅶󠅡󠅳󠅣󠅲󠅩󠅰󠅴󠄠󠅣󠅯󠅮󠅴󠅡󠅩󠅮󠅩󠅮󠅧󠄠󠅱󠅵󠅯󠅴󠅥󠅳󠄮󠄠󠅎󠅯󠄠󠅱󠅵󠅯󠅴󠅥󠅳󠄠󠄽󠄠󠅳󠅡󠅦󠅥󠄡:0}
You can see the code points for them like this:
Object.keys({A󠅬󠅷󠅡󠅹󠅳󠄠󠅢󠅥󠄠󠅷󠅡󠅲󠅹󠄠󠅯󠅦󠄠󠅊󠅡󠅶󠅡󠅳󠅣󠅲󠅩󠅰󠅴󠄠󠅣󠅯󠅮󠅴󠅡󠅩󠅮󠅩󠅮󠅧󠄠󠅱󠅵󠅯󠅴󠅥󠅳󠄮󠄠󠅎󠅯󠄠󠅱󠅵󠅯󠅴󠅥󠅳󠄠󠄽󠄠󠅳󠅡󠅦󠅥󠄡:0})[0].split("").map(x => x.codePointAt(0))
// [65, 56128, 56684, 56128, 56695, 56128, 56673, 56128, 56697, 56128, 56691, 56128, 56608, 56128, 56674, 56128, 56677, 56128, 56608, 56128, 56695, 56128, 56673, 56128, 56690, 56128, 56697, 56128, 56608, 56128, 56687, 56128, 56678, 56128, 56608, 56128, 56650, 56128, 56673, 56128, 56694, 56128, 56673, 56128, 56691, 56128, 56675, 56128, 56690, 56128, 56681, 56128, 56688, 56128, 56692, 56128, 56608, 56128, 56675, 56128, 56687, 56128, 56686, 56128, 56692, 56128, 56673, 56128, 56681, 56128, 56686, 56128, 56681, 56128, 56686, 56128, 56679, 56128, 56608, 56128, 56689, 56128, 56693, 56128, 56687, 56128, 56692, 56128, 56677, 56128, 56691, 56128, 56622, 56128, 56608, 56128, 56654, 56128, 56687, 56128, 56608, 56128, 56689, 56128, 56693, 56128, 56687, 56128, 56692, 56128, 56677, 56128, 56691, 56128, 56608, 56128, 56637, 56128, 56608, 56128, 56691, 56128, 56673, 56128, 56678, 56128, 56677, 56128, 56609]
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With