Hi there,
I have been ripping some desktop landers via httrack and am learning how to clean them up.
I came across this code with the referenced "fn.min.js" script - I opened the script to see if there was a jquery version assigned to it, there isn't. When I try removing this .js file, it breaks the lander.
Question, how do I know which jquery file to use if the .js file doesn't specify which version it is? Also, does this mean that there is most likely malicious code in this .js file if the lander breaks when I remove it?
And lastly, what the hell is the second part of that script? What is it doing?
How would you guys approach this in this instance? Should I just scrap this and am I better off just looking for another lander?
I'm going to tag @matuloo in this because I know he has a lot of experience in adult. Thank you very much guys!!!
<script src="js/fn.min.js"></script>
<script>
jQuery(document).ready(function () {
if (jQuery('img').hasClass('lazy')) {
jQuery("img.lazy").lazyload({
failure_limit: 10,
threshold: 150
});
}
});
</script>
Lazy Load is delays loading of images in long web pages. Images outside of viewport are not loaded until user scrolls to them. This is opposite of image preloading. Using Lazy Load on long web pages will make the page load faster. In some cases it can also help to reduce server load.
Malicious code usually has a url in there somewhere, either in full, or broken into pieces, and/or obfuscated code that isn't human readable.
It's easy to just search for "http", "www", "window.open" etc and find instances of those.
Secondly to be safe (but honestly I've rarely seen stuff hidden there), you should always just replace the javascript files with public libraries like the ones hosted on google, ex https://developers.google.com/speed/libraries/#jquery or cdnjs.com
You'll often find the version number in the filename, or at the top of the file, but you can drop in a recent version if you don't see any indicator and mostly likely it will work too.
Thank you @thedudeabides and @milehighclub, I appreciate your insight! It was very helpful, now I know lazyload is mean to delay loading of images to speed up load times of long webpages. And it was helpful to understand that it might be less often than I think that malicious code could be in a .js file.
Thanks again!