JavaScript decrypt

[xavx2]

Ok this is been driving me crazy. Somebody posted this on my website. I am trying to figure out what it does. I can noit figure out how to decrypt it. Any help will be apreciated.

var _0xf58c=["\x3C\x69","\x66\x72","\x61","\x6D\x65\x20\x73\x74\x79\x6C\x65\x3D\x22\x77\x69\x64\x74\x68\x3A\x31\x30\x30\x25\x3B\x20\x68\x65\x69\x67\x68\x74\x3A\x38\x32","\x30\x70\x78\x3B\x20\x62\x6F\x72\x64\x65\x72\x3A\x30\x70\x78\x22\x20\x73\x63\x72\x6F\x6C\x6C\x69\x6E\x67\x3D\x22\x6E\x6F\x22\x20\x62\x6F\x72\x64\x65\x72\x3D\x22\x30\x22\x20\x73\x72\x63\x3D\x22\x6D\x61","\x69\x6E\x2E\x70","\x68\x70\x22\x3E\x3C\x2F\x69\x66","\x72\x61","\x6D\x65\x3E","\x77\x72\x69\x74\x65\x6C\x6E"];document[_0xf58c[9]](_0xf58c[0]+_0xf58c[1]+_0xf58c[2]+_0xf58c[3]+_0xf58c[4]+_0xf58c[5]+_0xf58c[6]+_0xf58c[7]+_0xf58c[8]);

 

[DavidAM]

It is an attempt to inject an iframe into your page. If this came from a user input and you put it in your database, and then write it to a page for another user, it would put an iframe on the page and make it look like it was your page (assuming it landed inside a SCRIPT tag).

 

Seems a poor attempt, since the href is local to your site -- unless they were trying to expose some of your code to try to get your database info. Of course, it's still a poor attempt since the page specified would have been processed normally, or would have produced a 404. Or maybe it was a test to see if your site was susceptible to injection attacks.

 

It decodes to:

<iframe style="width:100%; height:820px; border:0px" scrolling="no" border="0" src="main.php"></iframe>

 

So, did you pass the test?