Merge pull request #135 from MichaelXF/dev

1.7.3

Author: MichaelXF

.github/workflows/node.js.yml

@@ -15,7 +15,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [14.15, 16.10, 18.0]
+        node-version: [14.15, 16.10, 18.0, 20.16]
         # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
 
     steps:

.gitignore

@@ -122,3 +122,5 @@ ES6.output.js
 .vscode/
 
 src/dev.ts
+
+.DS_Store

CHANGELOG.md

@@ -1,3 +1,38 @@
+# `1.7.3`
+Tamper Protection
+
+### `Tamper Protection`
+
+Tamper Protection safeguards the runtime behavior from being altered by JavaScript pitfalls. 
+
+[Learn more here.](/docs/TamperProtection.md)
+
+---
+
+- Rename Variables improvements:
+
+- A new exposed function, `__JS_CONFUSER_VAR__`, can be used to access renamed variables. [Learn more here](/docs/RenameVariables.md).
+
+
+```js
+// Input
+var name = "John Doe";
+eval("console.log(" + __JS_CONFUSER_VAR__(name) + ")");
+
+// Output
+var CA1HU0 = 'John Doe';
+eval('console.log(' + 'CA1HU0' + ')');
+```
+
+- Improved the `Zero Width` identifier generator (Thanks @doctor8296!)
+
+- Pad the `String Concealing` array with more fake strings
+
+- Improve `String Compression`
+
+- New Web UI sneak peak: https://new--confuser.netlify.app/
+
+
 # `1.7.2`
 Updates
 

README.md

@@ -183,6 +183,8 @@ var qFaI6S = function () {
 qFaI6S();
 ```
 
+[Learn mode here.](https://github.com/MichaelXF/js-confuser/blob/master/docs/RenameVariables.md)
+
 ### `renameGlobals`
 
 Renames top-level variables, turn this off for web-related scripts. Enabled by default. (`true/false`)
@@ -390,6 +392,8 @@ Use a number to control the percentage of strings.
 
 String Encoding transforms a string into an encoded representation. (`true/false/0-1`)
 
+**⚠️ Warning: Significantly increases file size! It is not recommended for most use cases.**
+
 Use a number to control the percentage of strings.
 
 `"console"` -> `'\x63\x6f\x6e\x73\x6f\x6c\x65'`
@@ -577,9 +581,16 @@ Creates a calculator function to handle arithmetic and logical expressions. (`tr
 
 Adds `debugger` statements throughout the code. Additionally adds a background function for DevTools detection. (`true/false/0-1`)
 
-### `lock.context`
+### `lock.tamperProtection`
 
-Properties that must be present on the `window` object (or `global` for NodeJS). (`string[]`)
+Tamper Protection safeguards the runtime behavior from being altered by JavaScript pitfalls. (`true/false`)
+
+**⚠️ Tamper Protection requires eval and ran in a non-strict mode environment!**
+
+- **This can break your code.**
+- **Due to the security concerns of arbitrary code execution, you must enable this yourself.**
+
+[Learn more here](https://github.com/MichaelXF/js-confuser/blob/master/TamperProtection.md).
 
 ### `lock.startDate`
 
@@ -629,10 +640,14 @@ Integrity ensures the source code is unchanged. (`true/false/0-1`)
 
 A custom callback function to invoke when a lock is triggered. (`string/false`)
 
-[Learn more about the countermeasures function](https://github.com/MichaelXF/js-confuser/blob/master/docs/Countermeasures.md).
+[Learn more here.](https://github.com/MichaelXF/js-confuser/blob/master/docs/Countermeasures.md)
 
 Otherwise, the obfuscator falls back to crashing the process.
 
+### `lock.context`
+
+Properties that must be present on the `window` object (or `global` for NodeJS). (`string[]`)
+
 ### `movedDeclarations`
 
 Moves variable declarations to the top of the context. (`true/false`)
@@ -785,6 +800,7 @@ You must enable locks yourself, and configure them to your needs.
   lock: {
     integrity: true,
     selfDefending: true,
+    tamperProtection: true,
     domainLock: ["mywebsite.com"],
     osLock: ["windows", "linux"],
     browserLock: ["firefox"],
@@ -813,7 +829,7 @@ These features are experimental or a security concern.
   // set to false for web-related scripts
   renameGlobals: false,
 
-  // experimental
+  // custom implementation
   identifierGenerator: function(){
     return "myvar_" + (counter++);
   },

docs/Countermeasures.md

@@ -1,6 +1,6 @@
 ## `Countermeasures`
 
-[Countermeasures](https://docs.jscrambler.com/code-integrity/documentation/client-side-countermeasures) is a property on the `lock` object, determining the response to a triggered lock.
+Countermeasures is a property on the `lock` object, determining the response to a triggered lock.
 
 For instance, the `domainLock` determines the current domain is invalid.
 
@@ -21,12 +21,13 @@ For instance, the `domainLock` determines the current domain is invalid.
 
 ## Crash Process
 
-The default behavior is to crash the process. This depends on the `target` property.
+The default behavior is to crash the process This is done by an infinite loop to ensure the process becomes useless.
 
-- `node` -> `process.exit();`
-- `browser` -> `document.documentElement.innerHTML = '';`
-
-This is followed by an infinite loop as a fallback measure to ensure the process becomes useless.
+```js
+while(true) {
+  // ...
+}
+```
 
 ## Custom Callback
 
@@ -61,3 +62,9 @@ Try setting your machine time to the past or before the allowed range.
 #### Integrity:
 
 Try changing a string within your code.
+
+### See also
+
+- [Integrity](Integrity.md)
+- [Tamper Protection](TamperProtection.md)
+

docs/Integrity.md

@@ -1,15 +1,21 @@
 ## `Integrity`
 
-JSConfuser can detect changes to the source and prevent execution.
+JS-Confuser can detect changes to the source code and terminate execution. 
 
-If the code is determined modified, the tampered code will not run.
+- **⚠️ This can break your code!**
 
-## Usage
+Option name: `lock.integrity`
+
+Option values: `true/false`
+
+### Usage
 
 ```js
 var JsConfuser = require("js-confuser");
 
-JsConfuser.obfuscate("console.log(1)", {
+var sourceCode = "console.log(1)"
+
+JsConfuser.obfuscate(sourceCode, {
   target: "browser",
   lock: {
     integrity: true,
@@ -19,35 +25,22 @@ JsConfuser.obfuscate("console.log(1)", {
 });
 ```
 
-## CLI Usage
-
-```shell
-<coming soon>
-```
-
-## Example
+### Example
 
 Consider the following code:
 
 ```js
 console.log(1)
-```
-
-The output:
 
-```
-> 1
+// 1
 ```
 
 The obfuscated code (from Usage):
 
 ```js
 (function(){var jXwFUz=Math.imul||function(jXwFUz,m9pBnlk){m9pBnlk|=0;var n1mfO$O=(jXwFUz&4194303)*m9pBnlk;if(jXwFUz&4290772992)n1mfO$O+=(jXwFUz&4290772992)*m9pBnlk|0;return n1mfO$O|0};function m9pBnlk(n1mfO$O,humOEA){var DGCgjl=3735928559^humOEA;var S$63Fy1=1103547991^humOEA;for(var Lop2FFS=0,GC2VbAQ;Lop2FFS<n1mfO$O.length;Lop2FFS++){GC2VbAQ=n1mfO$O.charCodeAt(Lop2FFS);DGCgjl=jXwFUz(DGCgjl^GC2VbAQ,2654435761);S$63Fy1=jXwFUz(S$63Fy1^GC2VbAQ,1597334677)}DGCgjl=jXwFUz(DGCgjl^DGCgjl>>>16,2246822507)^jXwFUz(S$63Fy1^S$63Fy1>>>13,3266489909);S$63Fy1=jXwFUz(S$63Fy1^S$63Fy1>>>16,2246822507)^jXwFUz(DGCgjl^DGCgjl>>>13,3266489909);return 4294967296*(2097151&S$63Fy1)+(DGCgjl>>>0)}function n1mfO$O(jXwFUz){return jXwFUz.toString().replace(/ |\n|;|,|\{|\}|\(|\)/g,'')}function y3EzuX9(){console['log'](1)}var yzLesc=m9pBnlk(n1mfO$O(y3EzuX9),957);if(yzLesc==0x7a77799eaf937){return y3EzuX9.apply(this,arguments)}}())
-```
 
-The output:
-```
-> 1
+// 1
 ```
 
 Since only Integrity is enabled, it's pretty easy to find the original code: `console['log'](1)`.
@@ -58,18 +51,32 @@ Let's try to change the `console['log'](1)` to `console['log'](2)`:
 (function(){var jXwFUz=Math.imul||function(jXwFUz,m9pBnlk){m9pBnlk|=0;var n1mfO$O=(jXwFUz&4194303)*m9pBnlk;if(jXwFUz&4290772992)n1mfO$O+=(jXwFUz&4290772992)*m9pBnlk|0;return n1mfO$O|0};function m9pBnlk(n1mfO$O,humOEA){var DGCgjl=3735928559^humOEA;var S$63Fy1=1103547991^humOEA;for(var Lop2FFS=0,GC2VbAQ;Lop2FFS<n1mfO$O.length;Lop2FFS++){GC2VbAQ=n1mfO$O.charCodeAt(Lop2FFS);DGCgjl=jXwFUz(DGCgjl^GC2VbAQ,2654435761);S$63Fy1=jXwFUz(S$63Fy1^GC2VbAQ,1597334677)}DGCgjl=jXwFUz(DGCgjl^DGCgjl>>>16,2246822507)^jXwFUz(S$63Fy1^S$63Fy1>>>13,3266489909);S$63Fy1=jXwFUz(S$63Fy1^S$63Fy1>>>16,2246822507)^jXwFUz(DGCgjl^DGCgjl>>>13,3266489909);return 4294967296*(2097151&S$63Fy1)+(DGCgjl>>>0)}function n1mfO$O(jXwFUz){return jXwFUz.toString().replace(/ |\n|;|,|\{|\}|\(|\)/g,'')}function y3EzuX9(){console['log'](2)}var yzLesc=m9pBnlk(n1mfO$O(y3EzuX9),957);if(yzLesc==0x7a77799eaf937){return y3EzuX9.apply(this,arguments)}}())
 ```
 
-The program no longer outputs anything. Integrity detected the change and stopped execution.
+The program no longer outputs anything. Integrity has detected the change and stopped execution.
+
+### How is this possible?
+
+JavaScript has a sneaky method to view the source code any function. Calling `Function.toString()` on any function reveals the raw source code.
+
+Integrity uses a hashing algorithm on the obfuscated code during the obfuscation-phase. The obfuscator then places checksum functions throughout the output code to verify it's unchanged at runtime.
+
+An additional RegEx is utilized to remove spaces, newlines, braces, and commas. This ensures the hash isn't too sensitive.
 
-## How is this possible?
+### Tamper Detection
 
-JavaScript has a sneaky method to view the source code any function. Calling `.toString()` on any function reveals the raw source code.
-Integrity hashes the code during obfuscation phase and embeds an IF-statement within the code. We used an additional regex to remove spaces, newlines, braces,
-and commas to ensure the hash isn't too sensitive.
+If tampering is detected, the `lock.countermeasures` function will be invoked. If you don't provide a `lock.countermeasures` function, the default behavior is to crash the program.
 
-## Potential Issues
+[Learn more about the countermeasures function](Countermeasures.md).
+
+### Potential Issues
 
 If you decide to use Integrity, consider the following:
 
-1. Any build-tools must not modify the locked code. The code can't be changed after JsConfuser runs.
-2. `.toString()` functionality may not be enabled in your environment (bytenode)
+1. Any build-tools must not modify the locked code. The code can't be changed after JS-Confuser is applied.
+2. `Function.toString()` functionality may not be enabled in your environment (bytenode)
+
+### See also
+
+- [Countermeasures](Countermeasures.md)
+- [Tamper Protection](TamperProtection.md)
+
 

docs/RGF.md

@@ -416,4 +416,9 @@ RGF only applies to:
 - Function Declarations or Expressions
 - Cannot be async / generator function
 - Cannot rely on outside-scoped variables
-- Cannot use `this`, `arguments`, or `eval`
+- Cannot use `this`, `arguments`, or `eval`
+
+### See also
+
+- [Control Flow Flattening](./ControlFlowFlattening.md)
+- [Tamper Protection](./TamperProtection.md)

docs/RenameVariables.md

@@ -0,0 +1,116 @@
+## `Rename Variables`
+
+Determines if variables should be renamed. (`true/false`)
+
+Option name: `controlFlowFlattening`
+
+Option values: `true/false`
+
+```js
+// Input
+var twoSum = function (nums, target) {
+  var hash = {};
+  var len = nums.length;
+  for (var i = 0; i < len; i++) {
+    if (nums[i] in hash) return [hash[nums[i]], i];
+    hash[target - nums[i]] = i;
+  }
+  return [-1, -1];
+};
+
+var test = function () {
+  var inputNums = [2, 7, 11, 15];
+  var inputTarget = 9;
+  var expectedResult = [0, 1];
+
+  var actualResult = twoSum(inputNums, inputTarget);
+  ok(actualResult[0] === expectedResult[0]);
+  ok(actualResult[1] === expectedResult[1]);
+};
+
+test();
+
+// Output
+var _O2mOcF = function (kB4uXM, w_07HXS) {
+  var ZLTJcx = {};
+  var sXQOaUx = kB4uXM["length"];
+  for (var JYYxEk = 0; JYYxEk < sXQOaUx; JYYxEk++) {
+    if (kB4uXM[JYYxEk] in ZLTJcx) {
+      return [ZLTJcx[kB4uXM[JYYxEk]], JYYxEk];
+    }
+    ZLTJcx[w_07HXS - kB4uXM[JYYxEk]] = JYYxEk;
+  }
+  return [-1, -1];
+};
+var qFaI6S = function () {
+  var fZpeOw = [2, 7, 11, 15];
+  var UJ62R2c = 9;
+  var dG6R0cV = [0, 1];
+  var WgYXwn = _O2mOcF(fZpeOw, UJ62R2c);
+  void (ok(WgYXwn[0] === dG6R0cV[0]), ok(WgYXwn[1] === dG6R0cV[1]));
+};
+qFaI6S();
+```
+
+### Custom Implementation
+
+A custom function can provided as the `renameVariables` option, determining if a variable should be renamed.
+
+| Parameter | Type | Description |
+| --- | --- | --- |
+| `name` | `string` | The variable proposed to be renamed |
+| `isGlobal` | `boolean` | Is the variable defined at the global level? |
+
+```js
+{
+  target: "node",
+  
+  // Avoid renaming a certain variable
+  renameVariables: name=>name != "jQuery",
+}
+```
+
+### Access the renamed variable
+
+The `__JS_CONFUSER_VAR__` function provides a method to access variable mappings. This is especially useful for `eval()` scenarios where you want preserve the mapping.
+
+
+```js
+// Input
+var message = "Hello world!";
+eval(`console.log(${ __JS_CONFUSER_VAR__(message)  })`);
+
+console.log("message was renamed to", __JS_CONFUSER_VAR__(message));
+
+// Output
+var nSgZyJf = "Hello world!";
+eval(`console.log(${"nSgZyJf"})`) // "Hello world!"
+console["log"]("message was renamed to", "nSgZyJf") // message was renamed to nSgZyJf
+```
+
+Even if `Rename Variables` is disabled, the `__JS_CONFUSER_VAR__` will still be removed. (The original name will be returned as a string)
+
+### Never rename a variable
+
+The `__NO_JS_CONFUSER_RENAME__` prefix disables renaming a certain variable. This can be useful for debugging the obfuscator.
+
+```js
+// Input
+var __NO_JS_CONFUSER_RENAME__message1 = "My first message"
+var message2 = "My other message"
+
+console.log(__NO_JS_CONFUSER_RENAME__message1)
+console.log(message2)
+
+// Output
+var __NO_JS_CONFUSER_RENAME__message1 = "My first message";
+var jRLf713 = "My other message";
+
+console.log(__NO_JS_CONFUSER_RENAME__message1),
+console.log(jRLf713)
+```
+
+
+
+
+