-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
string splitting prevents the deobfuscator from minimising flattened code #73
Comments
generally it merges strings and inlines objects at the same time to avoid this: webcrack/packages/webcrack/src/deobfuscate/index.ts Lines 69 to 71 in 13564f6
but when looking up properties ( function main() {
var _0x4fa635 = {
'EIrIY': "Running",
'nFgHG': function (_0x4a2455, _0x1fc706) {
return _0x4a2455 + _0x1fc706;
}
};
console["log"](_0x4fa635["EIrI" + 'Y']);
for (var _0x26704d in [0x1, 0x2, 0x3, 0x4]) {
console["log"](_0x4fa635["nFgH" + 'G'](_0x26704d, 0x5));
}
} haven't seen that happen before because https://obfuscator.io/#splitstringschunklength defaults to 10, but these properties always have length 5 maybe I'll merge strings earlier when decoding |
String concatenations prevent the deobfuscator from realising it could simplify table references to be inlined
The below scripts have string arrays enabled (obfuscator.io stuff) since otherwise the deobfuscator wont even attempt to minify the table references
Flattened (deobfuscation is perfectly fine):
Flattened + Split strings (doesn't deobfuscate well):
(I assume its essentially an order of operations issue. I'd attempted to look into this myself but couldn't get the build process to cooperate at all)
The text was updated successfully, but these errors were encountered: