I noticed some obfuscated Javascript in an Exploit Kit
> a = []["constructor"]
Array() { [native code] }
> b = a["constructor"]
Function() { [native code] }
> b("console.log('a');")
anonymous() {
console.log('a');
}
> b("console.log('a');")()
a
or in other words
> [].constructor.constructor("console.log('a');")()
a
Can someone explain what's happening here? What's the constructor of a constructor of an Array?
[].constructor.constructor("console.log('a');")()
a
SO.. what is this?
[].constructor.constructor
Function() { [native code] }
Ahha... so it is just a way to invoke the Function
constructor, which takes a string to eval... then the final parens invoke it.
Function("console.log('a')")() // Works with or without `new`
a
You can enter [].constructor.constructor
into any JS console and find out for yourself.
[].constructor
-> Array() { [native code] }
[].constructor.constructor
-> Function() { [native code] }
[].constructor.constructor("console.log('a');")()
-> a
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.