Introduction to the use of evil Eval and new function

Time:2022-5-24

code:

Copy codeThe code is as follows:

//Friendly reminder: for the safety of your fingers, please run it under chrome
‘alert(“hello”)’.replace(/.+/, eval);
‘alert(“hello”)’.replace(/.+/, function(m){new Function(m)();});

var i = 0; eval(new Array(101).join(‘alert(++i);’));
var i = 0; new Function(new Array(101).join(‘alert(++i);’))();

Explanation:
1、string. Replace (regexp, replacement): replacement can be function In this case, the function is invoked for each match, and the string it returns is used as the replacement text.

2. New function (argument_names…, body): note the body in the parameter In this way, use new function (‘body ‘) ()
, you can also execute code dynamically like eval.

3、array. Join (separator): This is the simplest, not much to say. Here, it is cleverly used to solve a boring problem: write a piece of code and print an integer from 1 to 100 after running. Loops, jumps and recursion are not allowed.

What can these codes do? To be sure, you can do a lot of dirty things. What exactly is it? Think for yourself.

 

Recommended Today

SAP ui5 barcodescanerbutton feature detection, Cordova API detection and other logic

sap. ndc. Barcodescannerbutton: button control used to start the barcode scanning process (display barcode icon). If the local scanning function is not available or the camera function is not granted, the button is either hidden or provides backup by opening a dialog box with input fields, in which the barcode can be entered manually. After […]