Source: cirosantilli/cia-2010-covert-communication-websites/feedsdemexicoyelmundo-com-javascript-reverse-engineering

= feedsdemexicoyelmundo.com JavaScript reverse engineering

The <JavaScript> of each website appears to be quite small and similarly sized. They are all minimized, but have reordered things around a bit.

For example consider: https://web.archive.org/web/20110202190932/http://feedsdemexicoyelmundo.com/mundo.js

First we have to know that the <Wayback Machine> adds some stuff before and after the original code. The actual code there starts at:
``
ap={fg:['MSXML2.XMLHTTP
``
and ends in:
``
ck++;};return fu;};
``

We can use a <JavaScript> beautifier such as https://beautifier.io/ to be abe to better read the code.

It is worth noting that there's a lot of `<script>` tags inline as well, which seem to matter.

Further analysis would be needed.