jsobfu 0.3.0 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/jsobfu +22 -2
- data/lib/jsobfu.rb +1 -0
- data/lib/jsobfu/obfuscator.rb +20 -9
- data/lib/jsobfu/utils.rb +1 -1
- data/spec/integration_spec.rb +5 -0
- data/spec/jsobfu/utils_spec.rb +2 -2
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 02ab4e590ee0515b73b6718ba4838be52ad7ec6c
|
4
|
+
data.tar.gz: 2f5bb34601d29758f1daa867b375fb71187c20ea
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0a6084669d93cddfed800d737ecb36b407722bdef8bed16cbedafd083e56f92ed40e9247170d3f54101cc4a85f15718f86d7578e11edfc0847396d57311f399f
|
7
|
+
data.tar.gz: 6820da4bbda826d5699a51eaff1537979192a85d0c3dc1e47e29364876434404134e45f0f569650c823f241019db7e900ef393f309321bf17495c91085046171
|
data/bin/jsobfu
CHANGED
@@ -1,8 +1,28 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
require 'jsobfu'
|
3
|
+
require 'optparse'
|
3
4
|
|
4
|
-
iterations = (ARGV[0] || 1).to_i
|
5
|
+
iterations = [(ARGV[0] || 1).to_i, 1].max
|
6
|
+
|
7
|
+
preserved_identifiers = []
|
8
|
+
global = 'window'
|
9
|
+
|
10
|
+
opt_parser = OptionParser.new do |opts|
|
11
|
+
opts.banner = 'Usage: jsobfu [iterations] [options]'
|
12
|
+
opts.on('--preserved-identifiers id1,id2') do |ids|
|
13
|
+
preserved_identifiers += ids.split(',')
|
14
|
+
end
|
15
|
+
opts.on('--global window') do |global_opt|
|
16
|
+
global = global_opt
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
opt_parser.parse(ARGV)
|
5
21
|
|
6
22
|
js = JSObfu.new(STDIN.read)
|
7
23
|
|
8
|
-
puts js.obfuscate(
|
24
|
+
puts js.obfuscate(
|
25
|
+
iterations: iterations,
|
26
|
+
preserved_identifiers: preserved_identifiers,
|
27
|
+
global: global
|
28
|
+
)
|
data/lib/jsobfu.rb
CHANGED
@@ -62,6 +62,7 @@ class JSObfu
|
|
62
62
|
# @option opts [Boolean] :memory_sensitive the execution environment is sensitive
|
63
63
|
# to changes in memory usage (e.g. a heap spray). This disables string transformations
|
64
64
|
# and other "noisy" obfuscation tactics. (false)
|
65
|
+
# @option opts [Array<String>] :preserved_identifiers A list of identifiers to NOT obfuscate
|
65
66
|
# @return [self]
|
66
67
|
def obfuscate(opts={})
|
67
68
|
return self if JSObfu.disabled?
|
data/lib/jsobfu/obfuscator.rb
CHANGED
@@ -28,6 +28,7 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
28
28
|
@scope = opts.fetch(:scope) { JSObfu::Scope.new }
|
29
29
|
@global = opts.fetch(:global, DEFAULT_GLOBAL).to_s
|
30
30
|
@memory_sensitive = !!opts.fetch(:memory_sensitive, false)
|
31
|
+
@preserved_identifiers = opts.fetch(:preserved_identifiers, [])
|
31
32
|
@renames = {}
|
32
33
|
super()
|
33
34
|
end
|
@@ -50,7 +51,9 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
50
51
|
o.value.each { |x| hoister.accept(x) }
|
51
52
|
|
52
53
|
hoister.scope.keys.each do |key|
|
53
|
-
|
54
|
+
unless @preserved_identifiers.include?(key)
|
55
|
+
rename_var(key)
|
56
|
+
end
|
54
57
|
end
|
55
58
|
|
56
59
|
ret = super
|
@@ -62,7 +65,9 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
62
65
|
|
63
66
|
def visit_FunctionDeclNode(o)
|
64
67
|
o.value = if o.value and o.value.length > 0
|
65
|
-
|
68
|
+
unless @preserved_identifiers.include?(o.value)
|
69
|
+
JSObfu::Utils::random_var_encoding(scope.rename_var(o.value))
|
70
|
+
end
|
66
71
|
else
|
67
72
|
if rand(3) != 0
|
68
73
|
JSObfu::Utils::random_var_encoding(scope.random_var_name)
|
@@ -73,7 +78,7 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
73
78
|
end
|
74
79
|
|
75
80
|
def visit_FunctionExprNode(o)
|
76
|
-
if o.value != 'function'
|
81
|
+
if o.value != 'function' && !@preserved_identifiers.include?(o.value)
|
77
82
|
o.value = JSObfu::Utils::random_var_encoding(rename_var(o.value))
|
78
83
|
end
|
79
84
|
|
@@ -82,7 +87,9 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
82
87
|
|
83
88
|
# Called whenever a variable is declared.
|
84
89
|
def visit_VarDeclNode(o)
|
85
|
-
|
90
|
+
unless @preserved_identifiers.include?(o.name)
|
91
|
+
o.name = JSObfu::Utils::random_var_encoding(rename_var(o.name))
|
92
|
+
end
|
86
93
|
|
87
94
|
super
|
88
95
|
end
|
@@ -103,7 +110,7 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
103
110
|
o.value = JSObfu::Utils::random_var_encoding(new_val)
|
104
111
|
super
|
105
112
|
else
|
106
|
-
if @memory_sensitive || o.value.to_s == global.to_s
|
113
|
+
if @memory_sensitive || o.value.to_s == global.to_s || @preserved_identifiers.include?(o.value.to_s)
|
107
114
|
# if the ref is the global object, don't obfuscate it on itself. This helps
|
108
115
|
# "shimmed" globals (like `window=this` at the top of the script) work reliably.
|
109
116
|
super
|
@@ -116,7 +123,7 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
116
123
|
|
117
124
|
# Called on a dot lookup, like X.Y
|
118
125
|
def visit_DotAccessorNode(o)
|
119
|
-
if @memory_sensitive
|
126
|
+
if @memory_sensitive || @preserved_identifiers.include?(o.accessor)
|
120
127
|
super
|
121
128
|
else
|
122
129
|
obf_str = JSObfu::Utils::transform_string(o.accessor, scope, :quotes => false)
|
@@ -127,7 +134,9 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
127
134
|
# Called when a parameter is declared. "Shadowed" parameters in the original
|
128
135
|
# source are preserved - the randomized name is "shadowed" from the outer scope.
|
129
136
|
def visit_ParameterNode(o)
|
130
|
-
|
137
|
+
unless @preserved_identifiers.include?(o.value)
|
138
|
+
o.value = JSObfu::Utils::random_var_encoding(rename_var(o.value))
|
139
|
+
end
|
131
140
|
|
132
141
|
super
|
133
142
|
end
|
@@ -135,7 +144,7 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
135
144
|
# A property node in an object "{}"
|
136
145
|
def visit_PropertyNode(o)
|
137
146
|
# if it is a non-alphanumeric property, obfuscate the string's bytes
|
138
|
-
unless @memory_sensitive
|
147
|
+
unless @memory_sensitive || @preserved_identifiers.include?(o.name)
|
139
148
|
if o.name =~ /^[a-zA-Z_][a-zA-Z0-9_]*$/
|
140
149
|
o.instance_variable_set :@name, '"'+JSObfu::Utils::random_string_encoding(o.name)+'"'
|
141
150
|
end
|
@@ -162,7 +171,9 @@ class JSObfu::Obfuscator < JSObfu::ECMANoWhitespaceVisitor
|
|
162
171
|
|
163
172
|
def visit_TryNode(o)
|
164
173
|
if o.catch_block
|
165
|
-
|
174
|
+
unless @preserved_identifiers.include?(o.catch_var)
|
175
|
+
o.instance_variable_set :@catch_var, rename_var(o.catch_var)
|
176
|
+
end
|
166
177
|
end
|
167
178
|
super
|
168
179
|
end
|
data/lib/jsobfu/utils.rb
CHANGED
data/spec/integration_spec.rb
CHANGED
@@ -5,7 +5,12 @@ require 'execjs'
|
|
5
5
|
unless ENV['INTEGRATION'] == 'false'
|
6
6
|
|
7
7
|
describe 'Integrations' do
|
8
|
+
match = ENV['MATCH']
|
8
9
|
Dir.glob(Pathname.new(__FILE__).dirname.join('integration/**.js').to_s).each do |path|
|
10
|
+
if match and !path.downcase.include?(match.downcase)
|
11
|
+
next
|
12
|
+
end
|
13
|
+
|
9
14
|
js = File.read(path)
|
10
15
|
|
11
16
|
if js =~ /\/\/@wip/
|
data/spec/jsobfu/utils_spec.rb
CHANGED
@@ -21,7 +21,7 @@ describe JSObfu::Utils do
|
|
21
21
|
|
22
22
|
describe '#rand_text_alpha' do
|
23
23
|
let(:len) { 15 }
|
24
|
-
|
24
|
+
|
25
25
|
# generates a new random string on every call
|
26
26
|
def output; JSObfu::Utils.rand_text_alpha(len); end
|
27
27
|
|
@@ -34,7 +34,7 @@ describe JSObfu::Utils do
|
|
34
34
|
end
|
35
35
|
end
|
36
36
|
|
37
|
-
describe '#rand_text' do
|
37
|
+
describe '#rand_text' do
|
38
38
|
let(:len) { 5 }
|
39
39
|
let(:charset) { described_class::ALPHA_CHARSET }
|
40
40
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jsobfu
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- James Lee
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2016-01-28 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rkelly-remix
|
@@ -141,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
141
141
|
version: '0'
|
142
142
|
requirements: []
|
143
143
|
rubyforge_project:
|
144
|
-
rubygems_version: 2.
|
144
|
+
rubygems_version: 2.4.8
|
145
145
|
signing_key:
|
146
146
|
specification_version: 4
|
147
147
|
summary: A Javascript code obfuscator
|