本文主要是作者记笔记为主,温故而知新,记录混淆和解混淆的代码
以以下代码为例:
function test(a, b){
const c = "123";
a = a + 1 // a
a = a + 2
a = a * 1234
a = a.toString()
a = a.substring(0, 3)
b = a + "00"
return b;
}
test(2)
console.log(test(1))
首先导入库
const fs = require('fs');
const parser = require("@babel/parser");
const traverse = require("@babel/traverse").default;
const types = require("@babel/types");
const generator = require("@babel/generator").default;
const jscode = fs.readFileSync("./test2.js", {
encoding: "utf-8"
});
let ast = parser.parse(jscode);
将1,2,1234这些数值常量进行异或的方式进行加密,混淆代码如下:
const obnum = {
NumberLiteral(path) {
if (types.isNumericLiteral(path.node)) {
let result = path.node.value ^ 0x3;
path.replaceWith(types.binaryExpression('^', types.numericLiteral(result), types.numericLiteral(0x3)));
}
path.skip()
}
}
traverse(ast, obnum)
混淆后的代码如下:
function test(a, b) {
const c = "123";
a = a + (2 ^ 3); // a
a = a + (1 ^ 3);
a = a * (1233 ^ 3);
a = a.toString();
a = a.substring(3 ^ 3, 0 ^ 3);
b = a + "00";
return b;
}
test(1 ^ 3);
console.log(test(2 ^ 3));
解混淆的ast代码如下:
// 混淆代码,将其中的数值常量进行异或混(解混淆)
const obnum = {
BinaryExpression(path) {
if (types.isBinaryExpression(path.node, {operator: '^'})) {
// console.log(11)
let left = path.node.left;
let right = path.node.right;
let result = left.value ^ right.value;
path.replaceWith(types.numericLiteral(result));
}
}
}
traverse(ast, obnum)