A colleague of mine sent me a snippet of code made only of brackets ()[]{}, plus signs and exclamation marks.
[][(![]+[])[!+[]+!![]+!![]]+([]+{})[+!![]]+(!![]+[])[+!![]]+(!![]+[])[+[]]]
and it goes on like this..
This vaguely reminds me of Brainfuck, but I couldn't find any esoteric language written like this.
Could you help me understand what language is it?
This link explains it pretty well how this kind of javascript code works: http://patriciopalladino.com/blog/2012/08/09/non-alphanumeric-javascript.html
Here is a short summary:
The main trick that makes this work is typecasting:[]
is an empty array+[] === 0
casts this empty array to a number, namely zero!+[] === true
then casts the zero to false and negates it to true!+[]+!+[] === 2
is basically adding true+true. so the trues are casted to 1 and then added. This way you can get arbitrary numbers.
But numbers are not enough to program, right?[]+{} === "[object Object]"
we can get strings by adding an empty object ({}
) to arbitrary things like for example an empty array ([]
).([]+{})[+!+[]] === "o"
we can then get the second character of the string by doing an array access on that string ("abc"[1] == "b"
).
But we are still limited to that 10 characters present in that string. We can expand that by converting other things to string like:"undefined" === [][+[]]+[]
(accessing an undefined index of an array), "NaN" === +{}+[]
(cast object to number), "true" === !![]+[]
,"false" === ![]+[]
Then you still dont have arbitrary characters, but from here there are several ways to get them. For example if you are targeting browsers you can use the btoa
function (btoa
takes a string as input and returns the base64 encoded version of it) to get arbitrary ASCII characters.
The final step is then to execute our generated string:
[]["sort"]["constructor"]("OUR_CODE")()
We first get the the sort function which every array has as a property. Then we access the constructor of the sort function, which is the Function
function. It can be used to construct arbitrary anonymous functions and takes a string with code as input. Finally we call our newly created function with ()
It's called JSFuck. Take a look at this links below.
JSFuck Encoder: http://www.jsfuck.com/
Decode JSFuck: How to decode a JSFuck script? https://enkhee-osiris.github.io/Decoder-JSFuck/
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With