How to replace a string

Okay i'm trying to replace the string and then execute it

i have unicoded string which looks like this

<script>document.write('\u0066\u0020\u002b\');</script>

and i need to replace  \ to * then change it back to \

I've attached the code.But it doesn't seam to work right.Please help me out.
<html>
<script type="text/javascript">
 
function encode(){
 
var unibatch="\u0066\u0020\u002b\";
var subas = unibatch.replace(/\/g, "*");
var ptr=subas;
 
document.write('prt.replace(/durnius/g,"*")');
 
}
window.onload=encode;
 
</script>
</html>

Open in new window

olivestAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sh0eCommented:
Need more information on what you are trying to do.
<html>
<script type="text/javascript">
 
function encode(){
 
var unibatch="\\u0066\\u0020\\u002b\\";
var subas = unibatch.replace(/\\/g, "*");
var ptr=subas;
 
document.write(ptr.replace(/durnius/g,"*"));
 
}
window.onload=encode;
 
</script>
</html>

Open in new window

0
olivestAuthor Commented:
i need to convert HEXED string which looks like this \u0066\u0020\u002b\ to this *u0066*u0020*u002b*

and then execute it as HEX string i mean , JS  must recognize it as HEX string and run encoded functions.

for instance original would look like this

document.write('\u0066\u0020\u002b\'); <---- This is understandable to DOM
document.write('*u0066*u0020*u002b*); <---- This is not understandable to DOM

i need javascript to replace characters and execute it.
0
sh0eCommented:
What I gave you would do that, assuming that the string looked like \u0066\u0020\u002b in decoded.

It is difficult to understand what you mean, because this:
document.write('\u0066\u0020\u002b\');
does not work.  That will not execute as it will be interpreted as 3 escaped u's and an escaped endquote, resulting in an unterminated string literal.

If what you want, is to convert '\u0055\u0020\u002b' ("f +" in unicode), to what you want, then you would need to encode it as escaped Unicode and then do the replace.

The actual input string needs to be seen.
0
olivestAuthor Commented:
Okay i will try to explain carefuly this time

i have string <script>alert('a')</script>

now i go to http://www.codehouse.com/webmaster_tools/html_encoder/index.htm

and encode(HEX) it <script type="text/javascript">document.write('\u003c\u0073\u0063\u0072\u0069\u0070\u0074\u003e\u0061\u006c\u0065\u0072\u0074\u0028\u0027\u0061\u0027\u0029\u003c\u002f\u0073\u0063\u0072\u0069\u0070\u0074\u003e')</script>

which would be understood as HEX'ed source in DOM.

So what i need to do is basicly replace all "\" <---- Backsplashes
to  * <--- start

and so now

i would have this:
<script type="text/javascript">document.write('*u003c*u0073*u0063*u0072*u0069*u0070*u0074*u003e*u0061*u006c*u0065*u0072*u0074*u0028*u0027*u0061*u0027*u0029*u003c*u002f*u0073*u0063*u0072*u0069*u0070*u0074*u003e')</script>

which is completley not understandable for DOM and it will not work.I need to write a function that will replace all * to \ and execute it as proper HEX'ed code.I hope this time is easier to understand my situation.
0
sh0eCommented:
Obscure code.  What are you trying to do, evade script string sanitizers?
function au(s){
return eval('"'+s.replace(/\*/g,'\\')+'"');
}
 
s='*u003c*u0073*u0063*u0072*u0069*u0070*u0074*u003e*u0061*u006c*u0065*u0072*u0074*u0028*u0027*u0061*u0027*u0029*u003c*u002f*u0073*u0063*u0072*u0069*u0070*u0074*u003e';
document.write(au(s));

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
JavaScript

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.