Introduction
Introduction
Source Code
HTML
CSS
JavaScript
Code Obfuscation
What is obfuscation
Use Cases
Basic Obfuscation
Running JavaScript code
Minifying JavaScript code
Packing JavaScript code
虽然打包器在降低代码可读性方面做得很好,但我们仍然可以看到它的主要字符串以明文形式编写,这可能揭示了它的一些功能。这就是为什么我们可能想要寻找更好的方法来混淆我们的代码。
Advanced Obfuscation
More Obfuscation
Deobfuscation
Beautify
Deobfuscate
Tip: Ensure you do not leave any empty lines before the script, as it may affect the deobfuscation process and give inaccurate results.
Deobfuscation Examples
Code Analysis
HTTP Requests
HTTP Requests
cURL
POST Request
Decoding
Base64
base64 encoding is usually used to reduce the use of special characters, as any characters encoded in base64 would be represented in alpha-numeric characters, in addition to + and / only.
base64 encoded strings are easily spotted since they only contain alpha-numeric characters. However, the most distinctive feature of base64 is its padding using = characters. The length of base64 encoded strings has to be in a multiple of 4. If the resulting output is only 3 characters long, for example, an extra = is added as padding, and so on.
# echo https://www.hackthebox.eu/ | base64
# echo aHR0cHM6Ly93d3cuaGFja3RoZWJveC5ldS8K | base64 -d
Hex
Any string encoded in hex would be comprised of hex characters only, which are 16 characters only: 0-9 and a-f. That makes spotting hex encoded strings just as easy as spotting base64 encoded strings.
# echo https://www.hackthebox.eu/ | xxd -p
# echo 68747470733a2f2f7777772e6861636b746865626f782e65752f0a | xxd -p -r
Caesar/Rot13
Even though this encoding method makes any text looks random, it is still possible to spot it because each character is mapped to a specific character. For example, in rot13, http://www becomes uggc://jjj, which still holds some resemblances and may be recognized as such.
# echo https://www.hackthebox.eu/ | tr 'A-Za-z' 'N-ZA-Mn-za-m'
# echo uggcf://jjj.unpxgurobk.rh/ | tr 'A-Za-z' 'N-ZA-Mn-za-m'
