3.1.4 Analyzing landing pages

Landing pages consist of heavily obfuscated JavaScript code. De-obfuscating JavaScript is a tedious task that requires a working knowledge of the language. A detailed explanation is beyond the scope of this book and would divert us from the actual topic. Malzilla is one very popular tool that malware researchers use to de-obfuscate JavaScript:

Malzilla tool

The browser can also be used for de-obfuscation, as browsers include tools for debugging JavaScript. Here is a simple example of how to do it. The following code is meant to assign the Hello World string to the variable nnnnssss, but it is obfuscated by using hex values instead of ASCII characters in place of the word World.

The obfuscated code (note: alert() was not part of the original code)

To de-obfuscate it, we add an alert() call to the code so that the value of the variable is displayed in a message box, and then open the script in Internet Explorer.

Alert message for the nnnnssss variable after the script is opened in Internet Explorer

The preceding example is very simple. In general, one needs to study the code and modify the original in order to de-obfuscate it.
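The hex-for-ASCII substitution described above can also be reversed statically, by decoding the escape sequences inside string literals without running the script. The following is an added example, not code from the book: the sample line is constructed (the book's listing is an image), and the function names are hypothetical.

```javascript
// Added example: statically decode \xNN and \uNNNN escapes inside JavaScript
// string literals, so the script under analysis is never executed.

// Constructed sample in the spirit of the book's example.
const SAMPLE = String.raw`var nnnnssss = "Hello \x57\x6f\x72\x6c\x64";`;

// Turn one hex escape into its character. The escape is left untouched when
// the result is not printable ASCII, and re-escaped when it would otherwise
// terminate or corrupt the enclosing literal.
function decodeEscape(match, hex2, hex4, quote) {
  const code = parseInt(hex2 || hex4, 16);
  const ch = String.fromCharCode(code);
  if (code < 0x20 || code > 0x7e) return match;      // control / non-ASCII
  if (ch === quote || ch === "\\") return "\\" + ch; // keep literal well-formed
  return ch;
}

// Walk every single- or double-quoted literal and rewrite the escapes in it.
// Assumption: the input has no regex literals or comments containing quotes.
function deobfuscateStrings(source) {
  const literal = /(["'])((?:\\[\s\S]|(?!\1)[^\\\n])*)\1/g;
  return source.replace(literal, (whole, quote, body) => {
    // The last alternative consumes other escapes (such as \\) so that an
    // escaped backslash followed by "x41" is not decoded by mistake.
    const decoded = body.replace(
      /\\x([0-9a-fA-F]{2})|\\u([0-9a-fA-F]{4})|\\[\s\S]/g,
      (m, h2, h4) => (h2 || h4 ? decodeEscape(m, h2, h4, quote) : m)
    );
    return quote + decoded + quote;
  });
}

console.log(deobfuscateStrings(SAMPLE));
```

Code outside string literals is passed through unchanged, so the output can be compared line by line with the obfuscated input.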
