Skip to main content

Cara Menghapus Credit Template

Cara Menghapus Credit Template

Pada saat mencoba template gratisan, kdang kita terheran-heran saat blog kita tiba-tiba ter-redirect secara otomatis.

Contoh Script Redirect otomatis:

<script type='text/javascript'>
$(document)["ready"](function() {$("#credit")["html"]("<a href="URLDOMAIN">BLOG TEMPLATE</a>");    setInterval(function() { if (!$("#credit:visible")["length"]) {window["location"]["href"] = "URLDOMAIN"}}, 3000)});
</script>

Tapi setelah kita cari di template kok ga nemu2. Bisa dipastikan kode Javascript-nya sudah di-Obfuscated.

Ini dia cara menemukannya

<footer class='footerku' id='footerku'>
<span class='credit-link'> Template By <a href='URLDOMAIN' id='credit' title='BLOG TEMPLATE'>BLOG TEMPLATE</a></span>
</footer>

*Warna merah : Kalau dihapus, blog kita akan ter-redirect

2. Cari kode Javascript yang di-obfuscated pada template

Contoh kode yang di-obvuscated:


<script type='text/javascript'>
    //<![CDATA[
    var summary = 38;
    var ry = "<h4>Similar Posts</h4>";
    rn = "<h5>No related post available</h5>";
    eval(function(w, i, s, e) {
        var lIll = 0;
        var ll1I = 0;
        var Il1l = 0;
        var ll1l = [];
        var l1lI = [];
        while (true) {
            if (lIll < 5) l1lI.push(w.charAt(lIll));
            else if (lIll < w.length) ll1l.push(w.charAt(lIll));
            lIll++;
            if (ll1I < 5) l1lI.push(i.charAt(ll1I));
            else if (ll1I < i.length) ll1l.push(i.charAt(ll1I));
            ll1I++;
            if (Il1l < 5) l1lI.push(s.charAt(Il1l));
            else if (Il1l < s.length) ll1l.push(s.charAt(Il1l));
            Il1l++;
            if (w.length + i.length + s.length + e.length == ll1l.length + l1lI.length + e.length) break;
        }
        var lI1l = ll1l.join('');
        var I1lI = l1lI.join('');
        ll1I = 0;
        var l1ll = [];
        for (lIll = 0; lIll < ll1l.length; lIll += 2) {
            var ll11 = -1;
            if (I1lI.charCodeAt(ll1I) % 2) ll11 = 1;
            l1ll.push(String.fromCharCode(parseInt(lI1l.substr(lIll, 2), 36) - ll11));
            ll1I++;
            if (ll1I >= l1lI.length) ll1I = 0;
        }
        return l1ll.join('');
    }('8f8991u2z2829333916243q01211m25312q1b3v2c1d3q011z2k3q01222k3v3u37262t203p112238231s27352z14212x252z1a3u29111z38251s27332z1632281w1z121611133v2b2q192z241u3u2v2z2n113w262c133x2b2q172z2611121m233e1i2e2936182x3u101z1o380y101z3b233x2z2938182x3s10111o2e162t3b233x29213x3b233v29233x111z2s2911222s271u3u291p2o1i27222o2c1z2314193v111122223316312q193v111k1v332z1d322p2c1z3w2o211o1e27311q1m23111s273r173126162c1c3e', 'f784611326f3a308d8b74df064e321d9')); //]]>  
    $(document).ready(function() {
        $( & quot;.taze & quot;).click(function() {
            $( & quot;.jeep & quot;).slideToggle( & quot; normal & quot;);
        });
    });
    $(document).ready(function() {
        $( & quot;.tabe & quot;).click(function() {
            $( & quot;.deep & quot;).slideToggle( & quot; normal & quot;);
        });
    });
</script>

*Kode warna merah adalah kode yang telah di-obvuscate. (Kode sebenarnya lebih panjang, saya potong biar ga terlalu panjang

3. Copy kode warna merah, dan kemudian paste pada Tool DeObfuscate Javascript.
Contoh tool: _http://deobfuscatejavascript.com/

4. Biasanya setelah di-Deobvuscate, script Redirect langsung bisa ditemukan. Tapi kadang masih ada yang berupa format Hex. Jadi kita harus menggunakan tool Hex Decoder: _http://ddecode.com/hexdecoder/

Contoh kode:


$(document)["\x72\x65\x61\x64\x79"](function() {
    $("\x23\x63\x72\x65\x64\x69\x74")["\x68\x74\x6D\x6C"]("\x3C\x61\x20\x68\x72\x65\x66\x3D\x22\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x62\x6C\x6F\x67\x67\x65\x72\x74\x68\x65\x6D\x65\x39\x2E\x63\x6F\x6D\x2F\x22\x3E\x42\x6C\x6F\x67\x67\x65\x72\x74\x68\x65\x6D\x65\x39\x3C\x2F\x61\x3E");
    setInterval(function() {
        if (!$("\x23\x63\x72\x65\x64\x69\x74\x3A\x76\x69\x73\x69\x62\x6C\x65")["\x6C\x65\x6E\x67\x74\x68"]) {
            window["\x6C\x6F\x63\x61\x74\x69\x6F\x6E"]["\x68\x72\x65\x66"] = "\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x62\x6C\x6F\x67\x67\x65\x72\x74\x68\x65\x6D\x65\x39\x2E\x63\x6F\x6D\x2F"
        }
    }, 3000)
});

5. Setelah di-decode, ketemu deh akhirnya
    Comment Policy: Silahkan tuliskan komentar Anda yang sesuai dengan topik postingan halaman ini. Komentar yang berisi tautan tidak akan ditampilkan sebelum disetujui.
    Buka Komentar
    Tutup Komentar