JS/HTML Obfuscation - Security & Cryptography

Users browsing this thread: 1 Guest(s)
bottomy
Registered
Good that you save your threads :).
- - -
My favourite kind of JS obfuscation method is to use non-alphanumeric JS. However it does change the actual operation, rather than simply being a source only obfuscation technique.

Heres an example I wrote ages ago. Note that I couldn't get the 'h' or 'w', I couldn't think of what I could reference to get the 'w', and didn't know how I could go about referencing the math object to get the 'h'.
Code:
javascript:window[(![]+[])[+!![]]+(![]+[])[!![]+!![]]+(!!{}+[])[!![]+!![]+!![]]+(!![]+[])[+!![]]+(!![]+[])[+![]]]('h'+(!!{}+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]]+(![]+[])[!![]+!![]]+([][([][[]]+[])[!![]+!![]+!![]+!![]]+([][[]]+[])[!![]+!![]+!![]+!![]+!![]]+(![]+[])[!![]+!![]]+(!![]+[])[+[]]+(![]+[])[!![]+!![]+!![]+!![]]+(!![]+[])[+!![]]]+[])[(!![]+!![]+!![])*(!![]+!![])]+([][([][[]]+[])[!![]+!![]+!![]+!![]]+([][[]]+[])[!![]+!![]+!![]+!![]+!![]]+(![]+[])[!![]+!![]]+(!![]+[])[+[]]+(![]+[])[!![]+!![]+!![]+!![]]+(!![]+[])[+!![]]]+[])[(!![]+!![]+!![]+!![])*(!![]+!![])]+'w'+([][([][[]]+[])[!![]+!![]+!![]+!![]]+([][[]]+[])[!![]+!![]+!![]+!![]+!![]]+(![]+[])[!![]+!![]]+(!![]+[])[+[]]+(![]+[])[!![]+!![]+!![]+!![]]+(!![]+[])[+!![]]]+[])[(!![]+!![]+!![])*(!![]+!![])]+(!![]+[])[+!![]]+(![]+[])[!![]+!![]]+([][[]]+[])[!![]+!![]]);

It's basically the equivalent (as far as what it achieves, not how it functions) to:
Code:
javascript:alert("hello world");
- - -
EDIT: I thought I'd add to my post, so I decided to try find some other obfuscated JS code I've written in the past to post that includes other things. Yet I couldn't find it. I think I must have deleted it or it's on some hard drive I hadn't checked yet (but the ones I had left to check I don't normally store this kind of stuff on them).

Anyway, I decided to make a new reference if it's of any interest. [JS-Non-AlphaNumeric-Reference](https://github.com/ScrimpyCat/JS-Non-Alp...-Reference) If you want a full char set (and you will if you want to do more complicated things) you'll probably need to use the DOM to reference the other characters (or at least the 'h', then you can use fromCharCode). To do that you can make use of the function object.

Some other fun things to include in obfuscated JS code are things like "fake comments" (at least that's what I refer to them as, it's actually just messing about with the regex literals or similar).

Here's a few basic examples:
Code:
console.log("1234"[1,/2,/1,/3,//3,0]); //will print: 1
console.log("1234"[1,/2,0]/1,/3,//0,2]/*/3,0]\*/); //will print: 3
console.log("one"+/two//*//."four"/.*/+"three"); //will print: one/two/three

EDIT: Also here's the original example generated with that script. Much shorter :).
Code:
javascript:window[(![]+[])[+!![]]+(![]+[])[!![]+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+!![]]+(!![]+[])[+[]]]('h'+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]]+(![]+[])[!![]+!![]]+({}+[])[+!![]]+(({}+[])[((!![]+!![]+!![])*(!![]+!![]))+!![]])+'w'+({}+[])[+!![]]+(!![]+[])[+!![]]+(![]+[])[!![]+!![]]+([][[]]+[])[!![]+!![]]);

The not so pretty ruby code
Code:
puts JSSymbol.new("javascript:window[#{_a+_l+_e+_r+_t}]('h'+#{_e+_l+_l+_o+__space}+'w'+#{_o+_r+_l+_d});")


Though to make it a bit more fun, will just remove the window (since it's not going to be time consuming).
Code:
javascript:/./[(!![]+[])[+[]]+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]][({}+[])[!![]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+({}+[])[!![]+!![]+!![]+!![]+!![]]+(!![]+[])[+[]]+({}+[])[+!![]]+(!![]+[])[+!![]]+[]](((((((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(({}+[])[((!![]+!![]+!![])*(!![]+!![]))+!![]]))+(![]+[])[+!![]])+(![]+[])[!![]+!![]])+(!![]+[])[!![]+!![]+!![]])+(!![]+[])[+!![]])+(!![]+[])[+[]])()('h'+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]]+(![]+[])[!![]+!![]]+({}+[])[+!![]]+(({}+[])[((!![]+!![]+!![])*(!![]+!![]))+!![]])+'w'+({}+[])[+!![]]+(!![]+[])[+!![]]+(![]+[])[!![]+!![]]+([][[]]+[])[!![]+!![]]);

Code:
puts JSSymbol.new("javascript:#{_Function}(#{_r+_e+_t+_u+_r+_n+__space+_a+_l+_e+_r+_t})()('h'+#{_e+_l+_l+_o+__space}+'w'+#{_o+_r+_l+_d});")


Messages In This Thread
JS/HTML Obfuscation - by venam - 24-07-2013, 05:37 PM
RE: JS/HTML Obfuscation - by bottomy - 24-07-2013, 06:25 PM
RE: JS/HTML Obfuscation - by zygotb - 31-07-2013, 01:48 AM
RE: JS/HTML Obfuscation - by bottomy - 01-08-2013, 11:46 AM
RE: JS/HTML Obfuscation - by venam - 19-09-2013, 06:27 AM
RE: JS/HTML Obfuscation - by bottomy - 19-09-2013, 06:36 PM
RE: JS/HTML Obfuscation - by xero - 03-09-2014, 11:17 AM