Last year I open-sourced a JS obfuscation tool and, as a second open-source tool, a JS deobfuscation (restore) tool. Today I will talk about the general principle of the obfuscation tool and what I plan to do next. At present the tool's output is barely passable. Here is a sample before and after obfuscation:
```javascript
// Before obfuscation
function asd(data) {
    // booleans is an implicit global; its name is left unchanged in the output below
    booleans = "checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped";
    booleans = { a: { b: { c: { value: "666666666666666666666666" } } } };
    console.log(booleans.a.b.c.value);
    var dddddddd = "aaaaaaaaaaaaaa";
    function dddddd() {
        console.log(dddddddd);
    }
    var add = function(sd) {
        console.log(dddddddd);
    };
    alert(data);
    dddddd();
    add();
    return "";
}
```

```javascript
// After obfuscation
// e = global object, c = string decoder, a = encrypted string table
!function(e, c, a) {
    function _(e) {
        function _() {
            for (var e = ["f8c8"], _ = 682381; ; ) {
                switch (_) {
                case 682381:
                    console[c(a, "__x010599" + e[0], "824c2")](n),
                    _ = 0
                }
                break
            }
        }
        // flattened control flow: f selects the next block to run
        for (var n, o, t = ["e6a0", "7315", "571b", "6165", "a214", "34bc", "5848", "ad5e", "5e6e"], f = 523954; ; ) {
            switch (f) {
            case 242232:
                alert(e),
                f = 893579;
                continue;
            case 265396:
                return c(a, "__x0e740e" + t[0], "1617d");
                f = 0;
                break;
            case 523954:
                booleans = c(a, "__x034586" + t[1], "32b82"),
                f = 979832;
                continue;
            case 436033:
                o(),
                f = 265396;
                continue;
            case 893579:
                _(),
                f = 436033;
                continue;
            case 628951:
                n = c(a, "__x0cd3dc" + t[2], "98af5"),
                f = 629823;
                continue;
            case 810337:
                o = function(e) {
                    var _ = ["f5a2"];
                    console[c(a, "__x0fc3c2" + _[0], "10694")](n)
                }
                ,
                f = 242232;
                continue;
            case 629823:
                f = 810337;
                continue;
            case 979832:
                booleans = { a: { b: { c: { value: c(a, "__x09f361" + t[3], "f6820") } } } },
                f = 485749;
                continue;
            case 485749:
                console[c(a, "__x065aae" + t[4], "1c24e")](booleans[c(a, "__x0477b2" + t[5], "1e25d")][c(a, "__x056cdd" + t[6], "32ff5")][c(a, "__x020a5b" + t[7], "b8e32")][c(a, "__x0a2d54" + t[8], "589c4")]),
                f = 628951;
                continue
            }
            break
        }
    }
    e._X_195f5f = a;
    var n = ["4476"];
    _(c(a, "__x0387e9" + n[0], "cf523"))
}(this, function() {
    // decoder: base64-decode table[key], then XOR it with the key itself
    return this._X_16949a = function(e, c) {
        var a, _, n = "", o = c.length;
        for (_ = 0; _ < e.length; _++)
            a = _ % o,
            n += String.fromCharCode(e.charCodeAt(_) ^ c.charCodeAt(a));
        return n
    }
    ,
    _X_16949a(atob(arguments[0][arguments[1]]), arguments[1])
}, {
    __x0fc3c2f5a2: "MzAf",
    __x010599f8c8: "MzAf",
    __x065aaea214: "MzAf",
    __x0a2d545e6e: "KT4URQQ=",
    __x020a5bad5e: "PA==",
    __x056cdd5848: "PQ==",
    __x0477b234bc: "Pg==",
    __x0e740ee6a0: "",
    __x0345867315: "PDcdU1hRUURFUl9UVis6HExSR0xWVUtSREEwORdTRkdJWUNDXEFZPiYEU1xaQUpZW0BNUTo5HUJPUFxLV1VfVFEjNxFUV1FbRF9EXlBFIzMXX0NIWE1aQ1pBWTojF0BWWklKU1ZXXlszJgRCVkVAUURSV01GPDAIVVc=",
    __x0cd3dc571b: "Pj4ZUQIFUgUCVFZQAz4=",
    __x09f3616165: "aWlOBg9QBQAHAAcAA2lpTgYPUAUABwAH",
    __x0387e94476: "bm1LBAYO"
});
```
It can be seen from the above that obfuscation is not too difficult. I have run fairly detailed unit tests and whole-program obfuscation tests on the tool, covering things such as encryption and obfuscation of various regular characters, and common open source libraries such as vue, jq, etc., which are still fast and efficient after obfuscation. There are still several imperfections:
- You can see that console[****] and alert() remain in the output. They are not handled because of the scope of object calls: if the names of objects that belong to the browser window were obfuscated together with the objects we write ourselves, they would conflict. This part is left for later, or it could be handled with a lookup table.
- The second point concerns strings. They work at present, but Chinese is not supported, although it can be handled by encoding it once.
As for later optimization, the first item is strings: change the string reading logic to a stronger look-up logic; string storage can be changed to an array of Unicode code points, with quaternary compression for special Unicode characters. The other item is the obfuscation logic: at present control flow flattening is used, and later recursive control flow, call-redirection control flow, and so on should be added.
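The string lookup that the paragraph above wants to strengthen can be reversed statically: in the sample output each table entry is base64 of the plaintext XORed with its own property name, and the third argument passed to `c` is never read. The following Node.js sketch is an added example, not part of the tool; the table entries are copied from the sample output, and `decodeEntry`, `decodeTable` and `resolveCalls` are names chosen here.

```javascript
// Added example (Node.js). Table entries are copied from the sample output on
// this page; the function names are chosen for this illustration.
const table = {
  __x0fc3c2f5a2: "MzAf",
  __x0a2d545e6e: "KT4URQQ=",
  __x020a5bad5e: "PA==",
  __x056cdd5848: "PQ==",
  __x0477b234bc: "Pg==",
  __x0e740ee6a0: "",
  __x0cd3dc571b: "Pj4ZUQIFUgUCVFZQAz4=",
  __x09f3616165: "aWlOBg9QBQAHAAcAA2lpTgYPUAUABwAH",
  __x0387e94476: "bm1LBAYO",
};

// Mirrors the sample's _X_16949a: base64-decode the entry, then XOR every
// byte with the repeating key, which is the entry's own property name.
function decodeEntry(key, b64) {
  const raw = Buffer.from(b64, "base64");
  let out = "";
  for (let i = 0; i < raw.length; i++) {
    out += String.fromCharCode(raw[i] ^ key.charCodeAt(i % key.length));
  }
  return out;
}

// Decode a whole table into { propertyName: plaintext }.
function decodeTable(tbl) {
  return Object.fromEntries(
    Object.entries(tbl).map(([key, b64]) => [key, decodeEntry(key, b64)])
  );
}

// Rewrite c(a, "<prefix>" + <arr>[i], "<unused>") calls as string literals.
// arrName/arr are the local suffix array of the function being analysed.
function resolveCalls(src, arrName, arr, tbl) {
  const re = new RegExp(
    `c\\(a, "(__x[0-9a-f]+)" \\+ ${arrName}\\[(\\d+)\\], "[0-9a-f]+"\\)`, "g");
  return src.replace(re, (call, prefix, idx) => {
    const key = prefix + arr[Number(idx)];
    // Leave the call untouched when the key is not in the table.
    return key in tbl ? JSON.stringify(decodeEntry(key, tbl[key])) : call;
  });
}

console.log(decodeTable(table));
```

Because the key travels with the ciphertext, no execution of the obfuscated script is needed to recover the strings.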
That is basically all. The existing features:
- Intelligent variable-name obfuscation + name compression
- Code compression
- Optimization of if and conditional expressions
- Loop optimization
- Deletion of unused variables / functions
- Variable scope obfuscation
- Non-restorable mode
- Chained function obfuscation
- Chained property obfuscation
- Obfuscation of object calls
- Number obfuscation
- String encryption
- String obfuscation
- Control flow flattening
Even the logic of my tool's own web page is obfuscated with the tool.
If you are interested, you can leave a message. I will add some new obfuscations. Finally, I wish you both lungs have normal texture and distribution, no solid lesions in the lungs, small hilar, middle mediastinum, small heart shadow, and sharp costophrenic angle after diaphragm surface polishing. Hematuria routine is normal, CRP is normal, nucleic acid test is negative, the year of the rat is auspicious, number one or two, you are the best!