introduction
JavaScript is a widely used programming language for both front-end and back-end development. However, it is also vulnerable to extracting sensitive information through reverse engineering. To prevent such attacks, developers often use obfuscation techniques that make the code difficult to understand or decipher. This article explores JavaScript obfuscation techniques and how to decrypt them using various tools and methods.
JS obfuscation technology
There are several techniques used to obfuscate JavaScript code, including function renaming, variable substitution, string encryption, and code splitting. Function renaming involves renaming function names and parameters, making it difficult for an attacker to understand the purpose of each function. Variable substitution replaces variable names with shorter, meaningless names, making code harder to read. String encryption encodes sensitive strings to avoid exposing them in code. Code splitting divides the code into multiple smaller files, making it harder to understand the logic of the code.
sample code
Consider the following JavaScript code, which uses various obfuscation techniques:
var _0xa1a7=["\x66\x75\x6E\x63\x74\x69\x6F\x6E","\x72\x65\x61\x64\x44\x61\x74\x61","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64","\x61\x70\x70\x65\x6E\x64\x43\x68\x69\x6C\x64","\x63\x6F\x6E\x74\x65\x6E\x74","\x2E","\x68\x74\x6D\x6C","\x3C\x64\x69\x76\x3E","\x3C\x2F\x64\x69\x76\x3E","\x62\x6F\x64\x79"];var h=document[_0xa1a7[2]](_0xa1a7[1]),i=document[_0xa1a7[2]](_0xa1a7[3]);i[_0xa1a7[0]]=function(){
h[_0xa1a7[0]]=_0xa1a7[4]+h[_0xa1a7[0]]+_0xa1a7[4]};document[_0xa1a7[6]][_0xa1a7[5]](h),document[_0xa1a7[6]][_0xa1a7[5]](i),document[_0xa1a7[9]][_0xa1a7[8]][_0xa1a7[7]]=_0xa1a7[4]+_0xa1a7[4]+_0xa1a7[4]+_0xa1a7[4]+_0xa1a7[4]+_0xa1a7[4];
At first glance, this code looks pointless and it is impossible to understand its purpose. However, using some tricks and tools, we can decipher it and understand its purpose.
Decryption steps
1. Decrypt the obfuscated name:
var createElement = "createElement",
readData = "readData",
getElementById = "getElementById",
appendChild = "appendChild",
content = "content",
dot = ".",
html = "html",
div = "<div>",
endDiv = "</div>",
body = "body";
var h = document[getElementById](readData),
i = document[getElementById](content);
i[createElement] = function () {
h[createElement] = dot + h[createElement] + dot;
};
document[html][dot](h), document[html][dot](i), document[body][content][html] = dot + dot + dot + dot + dot + dot;
2. Parse the code to understand its purpose: The code reads data from an HTML element, appends a dot before and after its content, and then inserts the modified content into the body of the HTML document. The purpose of this code is to obfuscate and hide the actual content of the website to avoid unsafe issues.
in conclusion
JavaScript obfuscation is a common practice used to protect code from reverse engineering. However, with the right tools and techniques, it is possible to decipher and understand the functionality of the code. When obfuscating code, remember the importance of balancing safety and readability.
jsjiami.com
If you have different views or questions about the content of the article, please leave a message in the comment area, or send me a private message.
You can also go to the website above, and there is my contact information at the bottom to discuss in detail.