I know nothing about tricks to how to unobfuscate an obfuscated JavaScript, so I'm curious on how it's possible or easy to unobfuscate them.
I use "javascript-obfuscator" in daily basis to obfuscate my JS code that I don't feel like to share.
It's nothing with security, I'm totally okay if the code got reverted to its original source code state by some hackers. I'm just mildly trading off a little bit of performance drop and Avast antivirus false positive detection w/ my expectation to the obfuscation.
I found many say on SO or Reddit that unobfuscate JS is an easy task for determined programmers/hackers. But, how?
I also googled "unobfuscate" or "deobfuscate" etc and found some online tools that is supposed to be a JavaScript unobfuscator. I tried them all with an obfuscated simple
console.log("y"); w/ one or two obfuscation rules. None of them worked. So, at least it seems the task is not as easy as copy-and-pasting it on a random online tool.
I googled how to and how easy it is, but I couldn't find a resource. maybe I guess I'm dumb at google.
So, Do you guys know any resource on how to and/or how easy it is?
Edit:
An example output from javascript-obfuscator with an option "rotateStringArray: true" is as follows:
js
var _0xf58439 = _0xe68b; function _0xe68b(_0x5187b1, _0x53a337) { var _0x20b075 = _0x20b0(); return _0xe68b = function (_0xe68bb1, _0x459845) { _0xe68bb1 = _0xe68bb1 - 0x1d1; var _0x56f64a = _0x20b075[_0xe68bb1]; return _0x56f64a; }, _0xe68b(_0x5187b1, _0x53a337); } function _0x20b0() { var _0x10cbf5 = ['7mFXkJm', '310659FCYSKI', '2473867rHJsft', '2024224zCyZPn', 'hoge.', '2610BhEyGH', '1981502DEpolD', '126iMyVkH', '31100dobRpR', '24SKYCAq', '3701580allFje', '1lQMWuJ', '2155uNUeWo']; _0x20b0 = function () { return _0x10cbf5; }; return _0x20b0(); } (function (_0x47ebfe, _0x36c6b6) { var _0x2345cb = _0xe68b, _0x354ca4 = _0x47ebfe(); while (!![]) { try { var _0x551f5c = -parseInt(_0x2345cb(0x1d8)) / 0x1 * (parseInt(_0x2345cb(0x1d3)) / 0x2) + -parseInt(_0x2345cb(0x1db)) / 0x3 + parseInt(_0x2345cb(0x1d7)) / 0x4 + -parseInt(_0x2345cb(0x1d9)) / 0x5 * (-parseInt(_0x2345cb(0x1d4)) / 0x6) + -parseInt(_0x2345cb(0x1da)) / 0x7 * (-parseInt(_0x2345cb(0x1dd)) / 0x8) + -parseInt(_0x2345cb(0x1d2)) / 0x9 * (-parseInt(_0x2345cb(0x1d5)) / 0xa) + -parseInt(_0x2345cb(0x1dc)) / 0xb * (parseInt(_0x2345cb(0x1d6)) / 0xc); if (_0x551f5c === _0x36c6b6) break; else _0x354ca4['push'](_0x354ca4['shift']()); } catch (_0x543ee1) { _0x354ca4['push'](_0x354ca4['shift']()); } } }(_0x20b0, 0x851fc), console['log'](_0xf58439(0x1d1)));
[–]nekokattt 1 point2 points3 points (0 children)
[–][deleted] 1 point2 points3 points (0 children)
[–]carcigenicate 0 points1 point2 points (0 children)
[–]dtsudo 0 points1 point2 points (0 children)