Would someone please explain what this code does.

[shockwave2k14]

Hi,

I created and maintained a website a few years back without javascript. I added a few snippets along the way (from Facebook and Google Analytics) but I was looking at my code and found this:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">

<head>

 

<script type="text/javascript">/* <![CDATA[ */Math.random=function(a,c,d,{return function(){return 300>d++?(a=(1103515245*a+12345)%b,a/b):c()}}(1048560673,Math.random,0,1<<21);/* ]]> */</script>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

 

 

Would someone please tell me what this script does. Thanks in Advance!

Tyrone

[dustcomposer]

the first one is XHTML declaration and you can read about the script here (CDATA).

[justsomeguy]

That's a replacement for the Math.random function to generate a random number. That replacement will always generate the first 300 numbers the same, the first 300 numbers will not be random, they will always be the same sequence of 300 numbers. After that it calls the build-in Math.random function to generate random numbers.

[shockwave2k14]

That's a replacement for the Math.random function to generate a random number. That replacement will always generate the first 300 numbers the same, the first 300 numbers will not be random, they will always be the same sequence of 300 numbers. After that it calls the build-in Math.random function to generate random numbers.

Thanks.....I downloaded the file with this script to my computer because I was going to remove it, but the script isn't there. I uploaded it and when I view the source code the script is still there.....How do I get rid of it?

 

Thanks,

Tyrone

[dsonesuk]

It seems its a script inserted by some internet providers for web acceleration purposes, if you viewing through satellite especially, just google '<![CDATA[ */Math.random=function(a,c,d,' and it will come up with several results (stackflow especially) regarding this.

 

Contact your provider, look on there web site to confirm, as worse case, you have the beginnings of a hack attempt to insert malware.

 

To check: in google search box in your browser type 'cache:' followed by your website address, it will show a cached version of your page from google, if its been hacked, you will probably see unrecognised links, worse case will be to viagra sites and other unsuitable sites.

Edited November 7, 2014 by dsonesuk

[shockwave2k14]

Thanks dsonesuk!