foreword
Today I will talk about the last part of the Python framework source code topic, crawler cluster deployment, and updated fifteen series of articles about learning python from scratch, which are :
- Programming grammar/network programming/multi-thread/multi-process/coroutine/database
- Machine Learning/Full Stack Development/Data Analysis/Hadoop/Spark
- Crawler/automation and packet capture//scrapy/feapder/crawler cluster deployment
You can turn forward to my article to view
Python resources suitable for zero-based learning and advanced people :
① Tencent certified python complete project practical tutorial notes PDF
② More than a dozen major factories python interview topics PDF
③ Python full set of video tutorials (zero-based-advanced JS reverse)
④ Hundreds A project + source code + notes
⑤ programming grammar - machine learning - full stack development - data analysis - reptiles - APP reverse and other full set of projects + documents
This series will explain JavaScript reverse topics from nine aspects
1. Browser debugging
- js scope
- browser object properties
- browser console
2. National standard hash algorithm
- sha1 algorithm
- sha256 algorithm
- sha512 algorithm
- md5
- hmac algorithm
- Python and JavaScript implementation
3. National standard symmetric encryption
- DES algorithm
- AES algorithm
- The crypto-js module uses
- pycryptodome
4. National standard asymmetric encryption
- RAS algorithm principle
- asymmetric feature
- JavaScript Algorithm Restoration
- ras module
- jesencrypt
5. webpack module packaging
- Webpack packaging principle
- Webpack construction form
- Global export encryption function
6. JS obfuscation
- JavaScript compression obfuscation principle
- OB confusion feature
- Obfuscate JavaScript
7.cookie anti-climbing processing
- The principle of cookie encryption and decryption
- cookie and session mechanism
- cookie hook trick
- acw_sc_v2 debug
9.AST abstract syntax tree
- AST technology introduction
- String and Encoding Restoration
- evaluate method learning
- JavaScript combat obfuscation
10.JS security product attack and defense
- Swiss number
- acw_sc_v2
Chapter 1: Browser Debugging
JavaScript is a scripting language running in the browser, which can access and operate various properties and methods of the browser through the browser object. Understanding the properties and methods of the browser object is very important when reverse engineering JavaScript.
1. JS scope
In JavaScript, scope refers to the accessible scope of variables and functions. There are two kinds of scopes in JavaScript: global scope and local scope.
Global scope refers to variables and functions that can be accessed throughout a JavaScript program, while local scope refers to variables and functions that can only be accessed inside a function.
2. Browser Object Properties
In JavaScript, browser objects refer to some objects provided by the browser, through which various properties and methods of the browser can be accessed and manipulated. Here are some commonly used browser object properties:
- window: Indicates the current browser window or tab page.
- document: Indicates the current document object.
- location: Indicates the URL of the current document.
- navigator: Indicates the information of the current browser.
- history: Indicates the history of the current browser.
3. Browser Console
The browser console is an important part of the developer tools, which can be used to debug JavaScript code, view network requests, analyze page performance, etc. Here are some commonly used browser console commands:
console.log()
: Used to output log information.console.dir()
: Used to output the properties and methods of the object.console.error()
: Used to output error information.console.warn()
: Used to output warning information.console.clear()
: Used to clear the console.
Sample code:
// 输出日志信息
console.log("Hello, world!");
// 输出对象的属性和方法
var obj = {name: "Tom", age: 18};
console.dir(obj);
// 输出错误信息
console.error("Something went wrong!");
// 输出警告信息
console.warn("This is a warning!");
// 清空控制台
console.clear();
The above is some basic knowledge introduced by browsers in the JavaScript reverse topic. For developers who perform JavaScript reverse analysis, it is very important to understand this knowledge.
Chapter 2: National Standard Hash Algorithm
The national standard hash algorithm is an algorithm that compresses messages of any length into a fixed-length digest, and is often used in data integrity verification, digital signatures and other fields. This article will introduce the national standard hash algorithm in detail from six directions: sha1 algorithm, sha256 algorithm, sha512 algorithm, md5 algorithm, hmac algorithm, and Python and JavaScript implementation.
1. sha1 algorithm
The sha1 algorithm is a highly secure hash algorithm that compresses a message of any length into a 160-bit digest. The following is a sample code for implementing the sha1 algorithm in Python:
import hashlib
def sha1(data):
sha1 = hashlib.sha1()
sha1.update(data.encode('utf-8'))
return sha1.hexdigest()
The following is a sample code for implementing the sha1 algorithm in JavaScript:
function sha1(data) {
const sha1 = crypto.createHash('sha1');
sha1.update(data);
return sha1.digest('hex');
}
2. sha256 algorithm
The sha256 algorithm is a more secure hash algorithm that compresses messages of any length into a 256-bit digest. The following is a sample code for implementing the sha256 algorithm in Python:
import hashlib
def sha256(data):
sha256 = hashlib.sha256()
sha256.update(data.encode('utf-8'))
return sha256.hexdigest()
The following is a sample code for implementing the sha256 algorithm in JavaScript:
function sha256(data) {
const sha256 = crypto.createHash('sha256');
sha256.update(data);
return sha256.digest('hex');
}
3. sha512 algorithm
The sha512 algorithm is a more secure hash algorithm that compresses messages of any length into a 512-bit digest. The following is a sample code for implementing the sha512 algorithm in Python:
import hashlib
def sha512(data):
sha512 = hashlib.sha512()
sha512.update(data.encode('utf-8'))
return sha512.hexdigest()
The following is a sample code for implementing the sha512 algorithm in JavaScript:
function sha512(data) {
const sha512 = crypto.createHash('sha512');
sha512.update(data);
return sha512.digest('hex');
}
4. md5 algorithm
The md5 algorithm is a more commonly used hash algorithm, which compresses a message of any length into a 128-bit digest. The following is a sample code for implementing the md5 algorithm in Python:
import hashlib
def md5(data):
md5 = hashlib.md5()
md5.update(data.encode('utf-8'))
return md5.hexdigest()
The following is a sample code for implementing the md5 algorithm in JavaScript:
function md5(data) {
const md5 = crypto.createHash('md5');
md5.update(data);
return md5.digest('hex');
}
5. hmac algorithm
The hmac algorithm is a message authentication code algorithm based on a hash function and a key, which is often used for data integrity check and digital signature. The following is a sample code for implementing the hmac algorithm in Python:
import hmac
import hashlib
def hmac_sha256(key, data):
hmac_sha256 = hmac.new(key.encode('utf-8'), data.encode('utf-8'), hashlib.sha256)
return hmac_sha256.hexdigest()
The following is a sample code for implementing the hmac algorithm in JavaScript:
function hmac_sha256(key, data) {
const hmac_sha256 = crypto.createHmac('sha256', key);
hmac_sha256.update(data);
return hmac_sha256.digest('hex');
}
6. Python and JavaScript implementation
The following is a sample code for implementing the sha256 algorithm in Python and JavaScript:
Python:
import hashlib
def sha256(data):
sha256 = hashlib.sha256()
sha256.update(data.encode('utf-8'))
return sha256.hexdigest()
JavaScript:
javascript
function sha256(data) {
const sha256 = crypto.createHash('sha256');
sha256.update(data);
return sha256.digest('hex');
}
The above is the introduction of the national standard hash algorithm, including sha1 algorithm, sha256 algorithm, sha512 algorithm, md5 algorithm, hmac algorithm and Python and JavaScript implementation. In practical applications, it is necessary to select an appropriate hash algorithm according to specific requirements.
Chapter 3: National Standard Symmetric Encryption
The national standard symmetric encryption algorithm refers to the encryption algorithm standard issued by the State Cryptography Administration of China, including DES algorithm, AES algorithm, etc. In JavaScript reverse engineering, it is very important to understand the principles and usage of these algorithms.
1. DES algorithm
The DES algorithm is a symmetric encryption algorithm with a key length of 56 bits, which is divided into two processes: encryption and decryption. In JavaScript, you can use the crypto-js module for DES encryption and decryption operations.
Encrypted sample code :
var key = CryptoJS.enc.Utf8.parse("1234567890123456");
var iv = CryptoJS.enc.Utf8.parse("1234567890123456");
var encrypted = CryptoJS.DES.encrypt("Hello World", key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
console.log(encrypted.toString());
Decryption sample code :
var key = CryptoJS.enc.Utf8.parse("1234567890123456");
var iv = CryptoJS.enc.Utf8.parse("1234567890123456");
var decrypted = CryptoJS.DES.decrypt(encrypted, key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
console.log(decrypted.toString(CryptoJS.enc.Utf8));
2. AES algorithm
The AES algorithm is a symmetric encryption algorithm. The key length can be 128 bits, 192 bits or 256 bits. It is divided into two processes: encryption and decryption. In JavaScript, you can use the crypto-js module for AES encryption and decryption operations.
Encrypted sample code :
var key = CryptoJS.enc.Utf8.parse("12345678901234567890123456789012");
var iv = CryptoJS.enc.Utf8.parse("1234567890123456");
var encrypted = CryptoJS.AES.encrypt("Hello World", key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
console.log(encrypted.toString());
Decryption sample code :
var key = CryptoJS.enc.Utf8.parse("12345678901234567890123456789012");
var iv = CryptoJS.enc.Utf8.parse("1234567890123456");
var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
console.log(decrypted.toString(CryptoJS.enc.Utf8));
3. Use of crypto-js module
crypto-js is a JavaScript encryption library that supports multiple encryption algorithms, including DES, AES, SHA-1, SHA-256, etc. Before using it, you need to introduce the crypto-js library.
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>
4.pycryptodome
pycryptodome is a Python encryption library that supports multiple encryption algorithms, including DES, AES, SHA-1, SHA-256, etc. Before using it, the pycryptodome library needs to be installed.
pip install pycryptodome
Example usage:
from Crypto.Cipher import AES
key = b'1234567890123456'
iv = b'1234567890123456'
cipher = AES.new(key, AES.MODE_CBC, iv)
msg = b'Hello World'
encrypted = cipher.encrypt(msg)
print(encrypted)
cipher = AES.new(key, AES.MODE_CBC, iv)
decrypted = cipher.decrypt(encrypted)
print(decrypted)
Chapter 4: National Standard Asymmetric Encryption
1. RSA algorithm principle:
The RSA algorithm is an asymmetric encryption algorithm, and its security is based on the difficulty of decomposing large numbers. The core of the RSA algorithm is to select two large prime numbers p and q, calculate their product n=pq, and then select an integer e such that 1<e<φ(n) and e and φ(n) are relatively prime, where φ( n)=(p-1)(q-1). Then calculate d, so that d*e mod φ(n)=1, d is called the modulus inverse element of e. The public key is (n,e) and the private key is (n,d).
2. Asymmetric features:
An asymmetric encryption algorithm has two keys, one is a public key and the other is a private key. The public key can be made public, and anyone can use the public key to encrypt data, but only the holder of the private key can decrypt it. The security of asymmetric encryption algorithms is based on mathematical problems, such as large number decomposition, discrete logarithm, etc. These problems are very difficult in the computer field.
3. JavaScript algorithm restoration:
In JavaScript, you can use the BigInt type to handle large number operations. First, you need to implement a function to determine whether a number is prime:
function isPrime(n) {
if (n <= 1) {
return false;
}
for (let i = 2; i <= Math.sqrt(n); i++) {
if (n % i === 0) {
return false;
}
}
return true;
}
Next, a function can be implemented to generate large prime numbers:
function generatePrime(bits) {
let p;
do {
p = BigInt(Math.floor(Math.random() * 2 ** bits));
} while (!isPrime(p));
return p;
}
Then, a function can be implemented to calculate the greatest common divisor of two numbers:
function gcd(a, b) {
if (b === 0) {
return a;
}
return gcd(b, a % b);
}
Next, a function can be implemented to compute the modulo inverse elements of two numbers:
function modInverse(a, m) {
let [x, y, u, v] = [0n, 1n, 1n, 0n];
while (a !== 0n) {
let q = m / a;
let r = m % a;
let m1 = x - u * q;
let m2 = y - v * q;
m = a;
a = r;
x = u;
y = v;
u = m1;
v = m2;
}
return x < 0n ? x + m : x;
}
Finally, a function can be implemented to generate an RSA key pair:
function generateRSAKeyPair(bits) {
let p = generatePrime(bits / 2);
let q = generatePrime(bits / 2);
let n = p * q;
let phi = (p - 1n) * (q - 1n);
let e = 65537n;
let d = modInverse(e, phi);
return {
publicKey: [n, e],
privateKey: [n, d],
};
}
4. ras module
In Node.js, you can use the crypto module to implement RSA encryption and decryption. First, an RSA key pair needs to be generated:
const { generateKeyPairSync } = require('crypto');
const { publicKey, privateKey } = generateKeyPairSync('rsa', {
modulusLength: 2048,
publicKeyEncoding: {
type: 'spki',
format: 'pem',
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem',
},
});
Next, the data can be encrypted using the public key:
const crypto = require('crypto');
const data = 'hello world';
const encrypted = crypto.publicEncrypt(publicKey, Buffer.from(data));
console.log(encrypted.toString('base64'));
Decrypt the data using the private key:
const decrypted = crypto.privateDecrypt(privateKey, encrypted);
console.log(decrypted.toString());
5.jesencrypt
Jesencrypt is a JavaScript-based RSA encryption library that can be used in browsers. Its usage is similar to the crypto module in Node.js. First, an RSA key pair needs to be generated:
const { generateKeyPair } = require('jesencrypt');
generateKeyPair().then(({ publicKey, privateKey }) => {
console.log(publicKey);
console.log(privateKey);
});
Next, the data can be encrypted using the public key:
const { encrypt } = require('jesencrypt');
const data = 'hello world';
encrypt(data, publicKey).then((encrypted) => {
console.log(encrypted);
});
Decrypt the data using the private key:
const { decrypt } = require('jesencrypt');
const encrypted = '...';
decrypt(encrypted, privateKey).then((decrypted) => {
console.log(decrypted);
});
Chapter 5: Webpack module packaging
1. The principle of webpack packaging
Webpack is a module packaging tool that can package multiple modules into one file for easy use in the browser. The packaging principle of Webpack is to package all modules into one or more bundle files, which can be resource files such as JavaScript, CSS, and images.
The packaging process of Webpack is divided into three stages :
-
Parsing modules : Webpack will start from the entry file and recursively parse all dependent modules to form a dependency tree.
-
Compile modules : Webpack will compile each module into an executable block of JavaScript code.
-
Output files : Webpack will combine all JavaScript code blocks into one or more bundle files for easy use in the browser.
2. Webpack construction form
There are two construction forms of Webpack :
1) Command line form : Enter the webpack command through the command line to package all modules into one or more bundle files.
2) Configuration file form : Through the configuration file webpack.config.js
, Webpack can be configured in more detail, including entry files, output files, module parsing rules, plug-ins, etc.
3. Globally export encryption functions
In Webpack, you can protect the security of JavaScript code by exporting encryption functions globally. The principle of exporting the encryption function globally is to encrypt the JavaScript code through an encryption algorithm, and then use the encrypted code as the return value of a function. This function can be called globally to protect the JavaScript code.
The implementation steps of global export encryption function are as follows :
-
1) Encrypt the JavaScript code that needs to be encrypted through an encryption algorithm.
-
2) Use the encrypted code as the return value of a function.
-
3) Export this function
module.exports
so that it can be called globally.
The sample code is as follows:
const encrypt = require('encrypt');
const code = 'console.log("Hello, World!");';
const encryptedCode = encrypt(code);
module.exports = function() {
return eval(encryptedCode);
};
In the above code, the encrypt function is an encryption function, which encrypts the JavaScript code and returns the encrypted code. Then, export the encrypted code module.exports
so that it can be called globally. Finally, the encrypted code is executed through the eval function.
Chapter 6: JS obfuscation
JavaScript obfuscation is a technique for compressing and obfuscating JavaScript code, which aims to increase the complexity and difficulty of the code, making it difficult for reverse engineers or hackers to crack and tamper with the code. The following is a detailed introduction from the three directions of JavaScript compression obfuscation principle, OB obfuscation features and OB obfuscation JavaScript.
1.JavaScript compression obfuscation principle
The purpose of JavaScript compression obfuscation is to reduce the file size, improve the loading speed, and also increase the security of the code to prevent malicious tampering or misappropriation. The principle of JavaScript compression obfuscation is mainly to reduce the file size by deleting useless spaces, comments, line breaks, etc., and at the same time increase the difficulty of the code by renaming variables, function names, etc., making the code difficult to understand and modify.
2. OB confusion feature
OB obfuscation is a common JavaScript obfuscation method. It is characterized by randomly renaming variables and function names in JavaScript code, making it difficult to understand and modify the code. The main features of OB obfuscation include:
-
Random renaming of variables and function names: OB confusion will randomly rename variables and function names in JavaScript code, making it difficult to understand and modify the code.
-
String encryption: OB obfuscation will encrypt strings in JavaScript code, making it difficult to understand and modify the code.
-
Code structure obfuscation: OB obfuscation will obfuscate the structure in the JavaScript code, making the code difficult to understand and modify.
3. Detailed explanation of three directions of OB confusing JavaScript
Randomly rename variables and function names
OB confusion will randomly rename variables and function names in JavaScript code, making it difficult to understand and modify the code. This process can be achieved through the following steps:
-
Traverse the JavaScript code to get all variables, function names and other identifiers.
-
Generate random identifier names and replace existing identifier names with random names.
-
Update all references to the identifier in your code to replace it with the new random name.
string encryption
OB obfuscation encrypts strings in JavaScript code, making it difficult to understand and modify the code. This process can be achieved through the following steps:
-
Traverse the JavaScript code to get all the strings.
-
To encrypt the string, you can use common encryption algorithms, such as Base64, AES, etc.
-
Update all references to the string in your code to replace it with the encrypted string.
code structure obfuscation
OB obfuscation will obfuscate the structure in the JavaScript code, making the code difficult to understand and modify. This process can be achieved through the following steps:
-
Divide the JavaScript code into chunks, and randomly sort the code in each chunk.
-
The code in each block is randomly combined to generate a new code structure.
-
Update all references to the block in the code to replace it with the new code structure.
In short, OB obfuscation is a common JavaScript obfuscation method, which can effectively increase code security and prevent malicious tampering or misappropriation. However, OB confusion will also increase the complexity and maintenance cost of the code, so it needs to be weighed in practical applications.
Chapter 7: Cookie anti-climbing processing
In the field of reptiles, websites usually use cookies for anti-crawling processing to identify crawlers and limit their access. Therefore, it is very important for crawler developers to understand the principles and techniques of cookie anti-crawling processing.
1. The principle of cookie encryption and decryption
In the HTTP protocol, cookies are passed through the Set-Cookie and Cookie headers. Websites usually encrypt or encode cookies to prevent malicious tampering or theft. Common encryption methods include Base64, MD5, SHA1, etc.
2. cookie and session mechanism
Cookie and session are two commonly used mechanisms in web development. A cookie is a small text file stored on the client side to store the user's identity information, browsing history, etc. The session is a data structure stored on the server side, which is used to store the user's session information. Usually, the server will store the session ID in the cookie to identify the user in subsequent requests.
3. cookie hook skills
Cookie hook is a commonly used anti-crawling technique, which can bypass the website's anti-crawling mechanism by modifying the value of cookies. Common cookie hook techniques include:
- Modify cookie values to bypass website restrictions.
- Delete cookies to avoid being identified as crawlers by websites.
- Fake cookies to mimic normal user behavior.
4. acw_sc_v2 debugging
When performing cookie anti-climbing processing, the parameter acw_sc_v2 is often encountered. This parameter is an anti-crawling mechanism of Alibaba Cloud CDN, which is used to detect whether the request comes from a normal browser. If the request does not have the correct acw_sc_v2 parameter, the CDN will return a 403 error.
In order to solve this problem, we need to understand how acw_sc_v2 is generated and debugged.
Generation method of acw_sc_v2
The generation method of acw_sc_v2 parameters is relatively complicated, and some encryption algorithms are required. In general, generating acw_sc_v2 parameters requires the following steps:
-
Get the current timestamp in milliseconds.
-
Convert the timestamp to a hexadecimal string, and add 0 in front to make it 13 bits long.
-
Concatenate the 13-digit timestamp string with a random string to get a new string.
-
Perform MD5 encryption on the new string to get a 32-bit string.
-
Take out the first 6 digits and the last 6 digits of the 32-bit string to obtain two 6-digit strings.
-
Concatenate two 6-digit strings to get a 12-digit string, which is the value of the acw_sc_v2 parameter.
Debugging method of acw_sc_v2
When performing cookie anti-climbing processing, we need to debug the generation process of the acw_sc_v2 parameter so that the parameter can be generated correctly. Here are several debugging methods:
- Use browser developer tools
Open the target website in a browser and press the F12 key to open the developer tools. Find a request in the Network tab and view the request header information of the request. Generally speaking, the acw_sc_v2 parameter will appear in the Cookie field of the request header. Copy the Cookie field, and then use the MD5 encryption algorithm to encrypt it to obtain a 32-bit string. Finally follow the steps above to convert the 32-bit string to the value of the acw_sc_v2 parameter.
- use python script
The acw_sc_v2 parameters can be automatically generated using a Python script. Here is an example Python script:
import time
import random
import hashlib
def generate_acw_sc_v2():
timestamp = str(int(time.time() * 1000))
random_str = ''.join(random.sample('abcdefghijklmnopqrstuvwxyz0123456789', 6))
new_str = timestamp + random_str
md5_str = hashlib.md5(new_str.encode('utf-8')).hexdigest()
acw_sc_v2 = md5_str[:6] + md5_str[-6:]
return acw_sc_v2
The script generates a random value for the acw_sc_v2 parameter.
- use online tools
Some online tools can be found on the Internet that can help us generate acw_sc_v2 parameters
Chapter 9: AST Abstract Syntax Tree
AST (Abstract Syntax Tree) abstract syntax tree is a data structure that converts code into a tree structure, which can help us better understand the structure and meaning of code. In JavaScript, AST can be used for code analysis, code optimization, code obfuscation, etc.
The following is a detailed introduction to the application of AST from several directions: AST technology introduction, string and encoding restoration, evaluate method learning, JavaScript actual combat de-obfuscation.
1. Introduction to AST technology
AST is a data structure that converts code into a tree structure, which can help us better understand the structure and meaning of code. In JavaScript, AST can be used for code analysis, code optimization, code obfuscation, etc.
The AST generation process is generally divided into three steps: lexical analysis, syntax analysis, and AST construction. Lexical analysis decomposes the code into individual lexical units, grammatical analysis combines lexical units into a syntax tree, and AST construction converts the syntax tree into AST.
2. String and encoding restoration
In JavaScript, after the code is compressed and obfuscated, variable names, function names, etc. are often replaced with meaningless strings or codes. At this time, we need to restore these strings and encodings to the original variable names, function names, etc.
String restoration can be achieved by regular expressions or string replacement. The encoding restoration principle needs to be decoded according to the specific encoding method. Common encoding methods include Unicode encoding and Base64 encoding.
AST string and encoding reduction refers to the process of converting AST to string form and restoring string to AST. This process is very important in JavaScript code obfuscation and deobfuscation.
Here's a simple example showing how to convert an AST to a string:
const esprima = require('esprima');
const code = 'function add(a, b) { return a + b; }';
const ast = esprima.parseScript(code);
const astString = JSON.stringify(ast, null, 2);
console.log(astString);
In this example, we used the esprima library to parse the code into an AST. We then use the JSON.stringify method to convert the AST to a string and print it to the console.
The output is as follows:
{
"type": "Program",
"body": [
{
"type": "FunctionDeclaration",
"id": {
"type": "Identifier",
"name": "add"
},
"params": [
{
"type": "Identifier",
"name": "a"
},
{
"type": "Identifier",
"name": "b"
}
],
"body": {
"type": "BlockStatement",
"body": [
{
"type": "ReturnStatement",
"argument": {
"type": "BinaryExpression",
"operator": "+",
"left": {
"type": "Identifier",
"name": "a"
},
"right": {
"type": "Identifier",
"name": "b"
}
}
}
]
}
}
],
"sourceType": "script"
}
We can see that the AST is converted into a JSON string, where each node has a type attribute to indicate the type of the node. For example, FunctionDeclaration represents a function declaration, Identifier represents an identifier, BinaryExpression represents a binary expression, and so on.
Next, we'll cover how to restore a string to an AST.
const esprima = require('esprima');
const astString = `{
"type": "Program",
"body": [
{
"type": "FunctionDeclaration",
"id": {
"type": "Identifier",
"name": "add"
},
"params": [
{
"type": "Identifier",
"name": "a"
},
{
"type": "Identifier",
"name": "b"
}
],
"body": {
"type": "BlockStatement",
"body": [
{
"type": "ReturnStatement",
"argument": {
"type": "BinaryExpression",
"operator": "+",
"left": {
"type": "Identifier",
"name": "a"
},
"right": {
"type": "Identifier",
"name": "b"
}
}
}
]
}
}
],
"sourceType": "script"
}`;
const ast = JSON.parse(astString);
console.log(ast);
In this example, we assign the AST string directly to a variable. We then use the JSON.parse method to convert the string to an AST object and print it to the console.
The output is the same as the previous example and will not be repeated here.
In general, AST string and encoding reduction is a very important part of JavaScript code obfuscation and deobfuscation. Mastering this technique can help us better understand and deal with obfuscated code.
3.evaluate method learning
The evaluate method is a built-in function in JavaScript that can execute a string as code. In AST, we can execute code in AST nodes through evaluate method.
The use of the evaluate method is very simple, you only need to convert the code in the AST node into a string, and then pass it into the evaluate method. It should be noted that since the evaluate method will execute arbitrary code, you need to be cautious when using it to avoid executing malicious code.
4.JavaScript deobfuscation
In actual development, we often encounter code confusion. Code obfuscation can be achieved by compressing code, replacing variable names, encoding strings, etc., making the code difficult to read and understand.
During the deobfuscation process, AST can help us better understand the structure and meaning of the code, making it easier to restore the original code. Common de-obfuscation methods include string and encoding restoration, variable name restoration, function restoration, etc.
In summary, AST is a very useful technology that can help us better understand and process JavaScript code. In actual development, we can use AST to implement functions such as code analysis, code optimization, and code obfuscation, thereby improving code quality and security.
Chapter 10: Attack and Defense of JS Security Products
1. Swiss number
2.acw_sc_v2
Python resources suitable for zero-based learning and advanced people :
① Tencent certified python complete project practical tutorial notes PDF
② More than a dozen major factories python interview topics PDF
③ Python full set of video tutorials (zero-based-advanced JS reverse)
④ Hundreds A project + source code + notes
⑤ programming grammar - machine learning - full stack development - data analysis - reptiles - APP reverse and other full set of projects + documents