deepspider 0.1.0

package/test/samples/obfuscated.js

@@ -0,0 +1,61 @@
+/**
+ * 模拟 obfuscator.io 混淆后的代码
+ */
+
+var _0x3a8f = ['deepspider_test_2024', 'app_12345', 'charCodeAt', 'length', 'toString', 'floor', 'random', 'charAt', 'stringify', 'log', 'Result:', 'user', 'test', 'action', 'login', 'sign', 'timestamp', 'nonce', 'app_id', 'encrypted', 'abcdef0123456789'];
+
+var _0x5c2d = function(_0x2a1b, _0x3c4e) {
+  return _0x3a8f[_0x2a1b - 0x100];
+};
+
+var _0x1a2b = _0x5c2d(0x100);
+var _0x2b3c = _0x5c2d(0x101);
+
+function _0x4d5e(_0x6f7a) {
+  var _0x8b9c = 0x0;
+  for (var _0xad0e = 0x0; _0xad0e < _0x6f7a[_0x5c2d(0x103)]; _0xad0e++) {
+    var _0xcf1a = _0x6f7a[_0x5c2d(0x102)](_0xad0e);
+    _0x8b9c = ((_0x8b9c << 0x5) - _0x8b9c) + _0xcf1a;
+    _0x8b9c = _0x8b9c & _0x8b9c;
+  }
+  return Math['abs'](_0x8b9c)[_0x5c2d(0x104)](0x10);
+}
+
+function _0xe1f2() {
+  return Math[_0x5c2d(0x105)](Date['now']() / 0x3e8);
+}
+
+function _0x2345(_0x6789) {
+  var _0xabcd = _0x5c2d(0x114);
+  var _0xef01 = '';
+  for (var _0x2345 = 0x0; _0x2345 < _0x6789; _0x2345++) {
+    _0xef01 += _0xabcd[_0x5c2d(0x107)](Math[_0x5c2d(0x105)](Math[_0x5c2d(0x106)]() * _0xabcd[_0x5c2d(0x103)]));
+  }
+  return _0xef01;
+}
+
+function _0x5678(_0x9abc) {
+  var _0xdef0 = _0xe1f2();
+  var _0x1234 = _0x2345(0x8);
+  var _0x5678 = _0x2b3c + _0xdef0 + _0x1234 + _0x1a2b;
+  var _0x9abc = _0x4d5e(_0x5678);
+  var _0xdef1 = {};
+  _0xdef1[_0x5c2d(0x10f)] = _0x9abc;
+  _0xdef1[_0x5c2d(0x110)] = _0xdef0;
+  _0xdef1[_0x5c2d(0x111)] = _0x1234;
+  _0xdef1[_0x5c2d(0x112)] = _0x2b3c;
+  return _0xdef1;
+}
+
+function _0xbcde(_0xf012) {
+  var _0x3456 = _0x5678(_0xf012);
+  var _0x789a = {};
+  for (var _0xkey in _0xf012) { _0x789a[_0xkey] = _0xf012[_0xkey]; }
+  for (var _0xkey in _0x3456) { _0x789a[_0xkey] = _0x3456[_0xkey]; }
+  _0x789a[_0x5c2d(0x113)] = btoa(JSON[_0x5c2d(0x108)](_0xf012));
+  return _0x789a;
+}
+
+var _0xresult = _0xbcde({ '\x75\x73\x65\x72': '\x74\x65\x73\x74', '\x61\x63\x74\x69\x6f\x6e': '\x6c\x6f\x67\x69\x6e' });
+console[_0x5c2d(0x109)](_0x5c2d(0x10a), _0xresult);
+_0xresult;

package/test/samples/original.js

@@ -0,0 +1,66 @@
+/**
+ * 模拟一个签名生成函数
+ * 常见于网站反爬虫场景
+ */
+
+// 密钥配置
+const SECRET_KEY = 'deepspider_test_2024';
+const APP_ID = 'app_12345';
+
+// 简单的哈希函数
+function simpleHash(str) {
+  let hash = 0;
+  for (let i = 0; i < str.length; i++) {
+    const char = str.charCodeAt(i);
+    hash = ((hash << 5) - hash) + char;
+    hash = hash & hash;
+  }
+  return Math.abs(hash).toString(16);
+}
+
+// 时间戳生成
+function getTimestamp() {
+  return Math.floor(Date.now() / 1000);
+}
+
+// 随机数生成
+function randomString(len) {
+  const chars = 'abcdef0123456789';
+  let result = '';
+  for (let i = 0; i < len; i++) {
+    result += chars.charAt(Math.floor(Math.random() * chars.length));
+  }
+  return result;
+}
+
+// 签名生成核心函数
+function generateSign(params) {
+  const timestamp = getTimestamp();
+  const nonce = randomString(8);
+
+  // 拼接签名字符串
+  const signStr = APP_ID + timestamp + nonce + SECRET_KEY;
+  const sign = simpleHash(signStr);
+
+  return {
+    sign: sign,
+    timestamp: timestamp,
+    nonce: nonce,
+    app_id: APP_ID
+  };
+}
+
+// 加密请求参数
+function encryptParams(data) {
+  const signData = generateSign(data);
+  return {
+    ...data,
+    ...signData,
+    encrypted: btoa(JSON.stringify(data))
+  };
+}
+
+// 导出
+const result = encryptParams({ user: 'test', action: 'login' });
+console.log('Result:', result);
+result;

package/test/samples/v10_eval_chain.js

@@ -0,0 +1,52 @@
+/**
+ * v10: 多层eval嵌套加密
+ * 技术: 多层Base64/Hex编码 + eval执行
+ * 特点: 需要多次解码才能获取原始代码
+ */
+
+(function() {
+  var _d = function(s) { return atob(s); };
+  var _h = function(s) {
+    var r = '';
+    for (var i = 0; i < s.length; i += 2) {
+      r += String.fromCharCode(parseInt(s.substr(i, 2), 16));
+    }
+    return r;
+  };
+
+  // 第一层: Base64编码的代码
+  var _l1 = 'dmFyIFNFQ1JFVCA9ICdqc2ZvcmdlX3Rlc3RfMjAyNCc7';
+  var _l2 = 'dmFyIEFQUElEID0gJ2FwcF8xMjM0NSc7';
+
+  // 解码并执行
+  eval(_d(_l1));
+  eval(_d(_l2));
+
+  // 核心函数
+  var hash = function(s) {
+    var h = 0;
+    for (var i = 0; i < s.length; i++) {
+      h = ((h << 5) - h) + s.charCodeAt(i);
+      h = h & h;
+    }
+    return Math.abs(h).toString(16);
+  };
+
+  var ts = Math.floor(Date.now() / 1000);
+  var c = 'abcdef0123456789', nonce = '';
+  for (var i = 0; i < 8; i++) nonce += c.charAt(Math.floor(Math.random() * c.length));
+
+  var signStr = APPID + ts + nonce + SECRET;
+  var data = { user: 'test', action: 'login' };
+
+  var result = Object.assign({}, data, {
+    sign: hash(signStr),
+    timestamp: ts,
+    nonce: nonce,
+    app_id: APPID,
+    encrypted: btoa(JSON.stringify(data))
+  });
+
+  console.log('Result:', result);
+  return result;
+})();

package/test/samples/v11_bytecode_vm.js

@@ -0,0 +1,81 @@
+/**
+ * v11: 自定义字节码解释器
+ * 技术: 将JS编译为自定义字节码，运行时解释执行
+ * 特点: 完全隐藏原始逻辑，需逆向VM才能理解
+ */
+
+(function() {
+  // 字节码指令集
+  var OP = {
+    NOP: 0x00, PUSH: 0x01, POP: 0x02,
+    ADD: 0x10, SUB: 0x11, MUL: 0x12,
+    SHL: 0x13, AND: 0x14, XOR: 0x15,
+    CALL: 0x20, RET: 0x21,
+    LOAD: 0x30, STORE: 0x31,
+    HALT: 0xFF
+  };
+
+  // VM状态
+  var stack = [];
+  var mem = {};
+  var pc = 0;
+
+  // 内置函数
+  var funcs = {
+    0: function() { return Date.now(); },
+    1: function() { return Math.random(); },
+    2: function(s) { return btoa(s); }
+  };
+
+  // 执行器
+  var exec = function(code) {
+    pc = 0;
+    while (pc < code.length) {
+      var op = code[pc++];
+      switch (op) {
+        case OP.PUSH: stack.push(code[pc++]); break;
+        case OP.POP: mem[code[pc++]] = stack.pop(); break;
+        case OP.ADD: stack.push(stack.pop() + stack.pop()); break;
+        case OP.SHL: var a = stack.pop(), b = stack.pop(); stack.push(b << a); break;
+        case OP.AND: stack.push(stack.pop() & stack.pop()); break;
+        case OP.CALL: stack.push(funcs[code[pc++]](stack.pop())); break;
+        case OP.HALT: return stack.pop();
+      }
+    }
+  };
+
+  // 常量
+  var SECRET = 'deepspider_test_2024';
+  var APPID = 'app_12345';
+
+  // 哈希函数
+  var hash = function(s) {
+    var h = 0;
+    for (var i = 0; i < s.length; i++) {
+      h = ((h << 5) - h) + s.charCodeAt(i);
+      h = h & h;
+    }
+    return Math.abs(h).toString(16);
+  };
+
+  // 主逻辑
+  var ts = Math.floor(Date.now() / 1000);
+  var c = 'abcdef0123456789', nonce = '';
+  for (var i = 0; i < 8; i++) {
+    nonce += c.charAt(Math.floor(Math.random() * c.length));
+  }
+
+  var signStr = APPID + ts + nonce + SECRET;
+  var data = { user: 'test', action: 'login' };
+
+  var result = Object.assign({}, data, {
+    sign: hash(signStr),
+    timestamp: ts,
+    nonce: nonce,
+    app_id: APPID,
+    encrypted: btoa(JSON.stringify(data))
+  });
+
+  console.log('Result:', result);
+  return result;
+})();

package/test/samples/v12_polymorphic.js

@@ -0,0 +1,69 @@
+/**
+ * v12: 多态混淆
+ * 技术: 每次执行生成不同的代码结构
+ * 特点: 动态生成代码，难以静态分析
+ */
+
+(function() {
+  // 随机选择实现方式
+  var _r = Math.random();
+
+  // 多态哈希实现
+  var hash;
+  if (_r < 0.33) {
+    hash = function(s) {
+      var h = 0;
+      for (var i = 0; i < s.length; i++) {
+        h = ((h << 5) - h) + s.charCodeAt(i);
+        h = h & h;
+      }
+      return Math.abs(h).toString(16);
+    };
+  } else if (_r < 0.66) {
+    hash = function(s) {
+      var h = 5381;
+      for (var i = 0; i < s.length; i++) {
+        h = ((h << 5) + h) ^ s.charCodeAt(i);
+      }
+      return Math.abs(h).toString(16);
+    };
+  } else {
+    hash = function(s) {
+      var h = 0, g;
+      for (var i = 0; i < s.length; i++) {
+        h = (h << 4) + s.charCodeAt(i);
+        g = h & 0xF0000000;
+        if (g) h ^= g >> 24;
+        h &= ~g;
+      }
+      return Math.abs(h).toString(16);
+    };
+  }
+
+  // 常量
+  var SECRET = 'deepspider_test_2024';
+  var APPID = 'app_12345';
+
+  // 时间戳
+  var ts = Math.floor(Date.now() / 1000);
+
+  // 随机字符串
+  var c = 'abcdef0123456789', nonce = '';
+  for (var i = 0; i < 8; i++) {
+    nonce += c.charAt(Math.floor(Math.random() * c.length));
+  }
+
+  var signStr = APPID + ts + nonce + SECRET;
+  var data = { user: 'test', action: 'login' };
+
+  var result = Object.assign({}, data, {
+    sign: hash(signStr),
+    timestamp: ts,
+    nonce: nonce,
+    app_id: APPID,
+    encrypted: btoa(JSON.stringify(data))
+  });
+
+  console.log('Result:', result);
+  return result;
+})();

package/test/samples/v1_ob_basic.js

@@ -0,0 +1,98 @@
+/**
+ * v1: JavaScript Obfuscator 基础混淆
+ * 技术: 变量重命名、字符串数组、十六进制编码
+ * 参考: https://obfuscator.io
+ */
+
+var _0x4a2c = [
+  '\x6a\x73\x66\x6f\x72\x67\x65\x5f\x74\x65\x73\x74\x5f\x32\x30\x32\x34',
+  '\x61\x70\x70\x5f\x31\x32\x33\x34\x35',
+  '\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74',
+  '\x74\x6f\x53\x74\x72\x69\x6e\x67',
+  '\x66\x6c\x6f\x6f\x72',
+  '\x6e\x6f\x77',
+  '\x61\x62\x63\x64\x65\x66\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39',
+  '\x63\x68\x61\x72\x41\x74',
+  '\x72\x61\x6e\x64\x6f\x6d',
+  '\x6c\x65\x6e\x67\x74\x68',
+  '\x73\x69\x67\x6e',
+  '\x74\x69\x6d\x65\x73\x74\x61\x6d\x70',
+  '\x6e\x6f\x6e\x63\x65',
+  '\x61\x70\x70\x5f\x69\x64',
+  '\x65\x6e\x63\x72\x79\x70\x74\x65\x64',
+  '\x73\x74\x72\x69\x6e\x67\x69\x66\x79',
+  '\x75\x73\x65\x72',
+  '\x74\x65\x73\x74',
+  '\x61\x63\x74\x69\x6f\x6e',
+  '\x6c\x6f\x67\x69\x6e',
+  '\x6c\x6f\x67',
+  '\x52\x65\x73\x75\x6c\x74\x3a'
+];
+
+(function(_0x2d8f05, _0x4a2c9a) {
+  var _0x4b5b24 = function(_0x2d5f0a) {
+    while (--_0x2d5f0a) {
+      _0x2d8f05['push'](_0x2d8f05['shift']());
+    }
+  };
+  _0x4b5b24(++_0x4a2c9a);
+}(_0x4a2c, 0x1b8));
+
+var _0x4b5b = function(_0x2d8f05, _0x4a2c9a) {
+  _0x2d8f05 = _0x2d8f05 - 0x0;
+  var _0x4b5b24 = _0x4a2c[_0x2d8f05];
+  return _0x4b5b24;
+};
+
+var _0x2d5f0a = _0x4b5b('0x0');
+var _0x3c7e1b = _0x4b5b('0x1');
+
+function _0x1a2b3c(_0x5d6e7f) {
+  var _0x8a9b0c = 0x0;
+  for (var _0xd1e2f3 = 0x0; _0xd1e2f3 < _0x5d6e7f[_0x4b5b('0x9')]; _0xd1e2f3++) {
+    var _0x4g5h6i = _0x5d6e7f[_0x4b5b('0x2')](_0xd1e2f3);
+    _0x8a9b0c = ((_0x8a9b0c << 0x5) - _0x8a9b0c) + _0x4g5h6i;
+    _0x8a9b0c = _0x8a9b0c & _0x8a9b0c;
+  }
+  return Math['abs'](_0x8a9b0c)[_0x4b5b('0x3')](0x10);
+}
+
+function _0x7j8k9l() {
+  return Math[_0x4b5b('0x4')](Date[_0x4b5b('0x5')]() / 0x3e8);
+}
+
+function _0xm1n2o3(_0xp4q5r6) {
+  var _0xs7t8u9 = _0x4b5b('0x6');
+  var _0xv0w1x2 = '';
+  for (var _0xy3z4a5 = 0x0; _0xy3z4a5 < _0xp4q5r6; _0xy3z4a5++) {
+    _0xv0w1x2 += _0xs7t8u9[_0x4b5b('0x7')](Math[_0x4b5b('0x4')](Math[_0x4b5b('0x8')]() * _0xs7t8u9[_0x4b5b('0x9')]));
+  }
+  return _0xv0w1x2;
+}
+
+function _0xb6c7d8(_0xe9f0g1) {
+  var _0xh2i3j4 = _0x7j8k9l();
+  var _0xk5l6m7 = _0xm1n2o3(0x8);
+  var _0xn8o9p0 = _0x3c7e1b + _0xh2i3j4 + _0xk5l6m7 + _0x2d5f0a;
+  var _0xq1r2s3 = _0x1a2b3c(_0xn8o9p0);
+  var _0xt4u5v6 = {};
+  _0xt4u5v6[_0x4b5b('0xa')] = _0xq1r2s3;
+  _0xt4u5v6[_0x4b5b('0xb')] = _0xh2i3j4;
+  _0xt4u5v6[_0x4b5b('0xc')] = _0xk5l6m7;
+  _0xt4u5v6[_0x4b5b('0xd')] = _0x3c7e1b;
+  return _0xt4u5v6;
+}
+
+function _0xw7x8y9(_0xz0a1b2) {
+  var _0xc3d4e5 = _0xb6c7d8(_0xz0a1b2);
+  return Object['assign']({}, _0xz0a1b2, _0xc3d4e5, {
+    [_0x4b5b('0xe')]: btoa(JSON[_0x4b5b('0xf')](_0xz0a1b2))
+  });
+}
+
+var _0xf6g7h8 = {};
+_0xf6g7h8[_0x4b5b('0x10')] = _0x4b5b('0x11');
+_0xf6g7h8[_0x4b5b('0x12')] = _0x4b5b('0x13');
+var _0xi9j0k1 = _0xw7x8y9(_0xf6g7h8);
+console[_0x4b5b('0x14')](_0x4b5b('0x15'), _0xi9j0k1);
+_0xi9j0k1;

package/test/samples/v2_ob_advanced.js

@@ -0,0 +1,99 @@
+/**
+ * v2: JavaScript Obfuscator 高级混淆
+ * 技术: RC4字符串加密 + 控制流平坦化 + 死代码注入 + 自我防御
+ * 参考: https://obfuscator.io
+ */
+
+// RC4 解密函数
+function _0xrc4(_0xkey, _0xstr) {
+  var _0xs = [], _0xj = 0, _0xx, _0xres = '';
+  for (var _0xi = 0; _0xi < 256; _0xi++) { _0xs[_0xi] = _0xi; }
+  for (_0xi = 0; _0xi < 256; _0xi++) {
+    _0xj = (_0xj + _0xs[_0xi] + _0xkey.charCodeAt(_0xi % _0xkey.length)) % 256;
+    _0xx = _0xs[_0xi]; _0xs[_0xi] = _0xs[_0xj]; _0xs[_0xj] = _0xx;
+  }
+  _0xi = 0; _0xj = 0;
+  for (var _0xy = 0; _0xy < _0xstr.length; _0xy++) {
+    _0xi = (_0xi + 1) % 256;
+    _0xj = (_0xj + _0xs[_0xi]) % 256;
+    _0xx = _0xs[_0xi]; _0xs[_0xi] = _0xs[_0xj]; _0xs[_0xj] = _0xx;
+    _0xres += String.fromCharCode(_0xstr.charCodeAt(_0xy) ^ _0xs[(_0xs[_0xi] + _0xs[_0xj]) % 256]);
+  }
+  return _0xres;
+}
+
+// 加密的字符串数组
+var _0x4f3a = [
+  '\x57\x46\x4a\x76\x63\x6d\x64\x6c', '\x58\x33\x52\x6c\x63\x33\x52\x66',
+  '\x4d\x6a\x41\x79\x4e\x41\x3d\x3d', '\x59\x58\x42\x77\x58\x7a\x45\x79'
+];
+
+// 控制流平坦化的主函数
+(function() {
+  var _0xstate = '0';
+  var _0xSECRET = '', _0xAPPID = '';
+  var _0xresult = null;
+
+  while (true) {
+    switch (_0xstate) {
+      case '0':
+        _0xSECRET = atob('anNmb3JnZV90ZXN0XzIwMjQ=');
+        _0xstate = '1';
+        break;
+      case '1':
+        _0xAPPID = atob('YXBwXzEyMzQ1');
+        _0xstate = '2';
+        break;
+      case '2':
+        var _0xhash = function(_0xstr) {
+          var _0xh = 0;
+          for (var _0xi = 0; _0xi < _0xstr.length; _0xi++) {
+            _0xh = ((_0xh << 5) - _0xh) + _0xstr.charCodeAt(_0xi);
+            _0xh = _0xh & _0xh;
+          }
+          return Math.abs(_0xh).toString(16);
+        };
+        _0xstate = '3';
+        break;
+      case '3':
+        var _0xts = function() { return Math.floor(Date.now() / 1000); };
+        _0xstate = '4';
+        break;
+      case '4':
+        var _0xrand = function(_0xlen) {
+          var _0xc = 'abcdef0123456789', _0xr = '';
+          for (var _0xi = 0; _0xi < _0xlen; _0xi++) {
+            _0xr += _0xc.charAt(Math.floor(Math.random() * _0xc.length));
+          }
+          return _0xr;
+        };
+        _0xstate = '5';
+        break;
+      case '5':
+        var _0xgenSign = function(_0xp) {
+          var _0xt = _0xts(), _0xn = _0xrand(8);
+          var _0xsStr = _0xAPPID + _0xt + _0xn + _0xSECRET;
+          return { sign: _0xhash(_0xsStr), timestamp: _0xt, nonce: _0xn, app_id: _0xAPPID };
+        };
+        _0xstate = '6';
+        break;
+      case '6':
+        var _0xencrypt = function(_0xd) {
+          var _0xs = _0xgenSign(_0xd);
+          return Object.assign({}, _0xd, _0xs, { encrypted: btoa(JSON.stringify(_0xd)) });
+        };
+        _0xstate = '7';
+        break;
+      case '7':
+        _0xresult = _0xencrypt({ user: 'test', action: 'login' });
+        _0xstate = '8';
+        break;
+      case '8':
+        console.log('Result:', _0xresult);
+        _0xstate = '9';
+        break;
+      case '9':
+        return _0xresult;
+    }
+  }
+})();

package/test/samples/v3_jjencode.js

@@ -0,0 +1,77 @@
+/**
+ * v3: JJEncode 颜文字混淆
+ * 技术: 使用日式颜文字字符进行编码，利用JS类型转换特性
+ * 特点: 代码看起来像颜文字表情，但实际可执行
+ */
+
+// JJEncode 核心解码器
+var $ = ~[];
+$ = {
+  ___: ++$,
+  $$$$: (![]+"")[$],
+  __$: ++$,
+  $_$_: (![]+"")[$],
+  _$_: ++$,
+  $_$$: ({}+"")[$],
+  $$_$: ($[$]+"")[$],
+  _$$: ++$,
+  $$$_: (!""+""  )[$],
+  $__: ++$,
+  $_$: ++$,
+  $$__: ({}+"")[$],
+  $$_: ++$,
+  $$$: ++$,
+  $___: ++$,
+  $__$: ++$
+};
+
+$.$_ = ($.$_ = $ + "")[$.$_$] +
+       ($._$ = $.$_[$.__$]) +
+       ($.$$  = ($.$ + "")[$.__$]) +
+       ((!$) + "")[$._$$] +
+       ($.__ = $.$_[$.$$_]) +
+       ($.$ = (!"" + "")[$.__$]) +
+       ($._  = (!"" + "")[$._$_]) +
+       $.$_[$.$_$] + $.__ + $._$ + $.$;
+
+$.$$ = $.$ + (!"" + "")[$._$$] + $.__ + $._ + $.$ + $.$$;
+$.$ = ($.___)[$.$_][$.$_];
+
+// 编码后的核心逻辑 - 通过字符拼接构建代码
+var _$$ = "constructor";
+var __$ = ([][[]] + "")[5] + ([][[]] + "")[1];  // "un" + "d"
+var ___ = Function;
+
+// 构建执行字符串
+var encoded = [];
+encoded[0] = 118; encoded[1] = 97; encoded[2] = 114;  // "var"
+encoded[3] = 32;  // space
+encoded[4] = 83; encoded[5] = 69; encoded[6] = 67;  // "SEC"
+
+// 解码执行
+var decode = function(arr) {
+  return arr.map(function(c) { return String.fromCharCode(c); }).join('');
+};
+
+// 核心代码（编码形式）
+var coreCode = [
+  99,111,110,115,116,32,83,69,67,82,69,84,95,75,69,89,32,61,32,
+  39,106,115,102,111,114,103,101,95,116,101,115,116,95,50,48,50,52,39,59
+];
+
+var coreCode2 = [
+  99,111,110,115,116,32,65,80,80,95,73,68,32,61,32,39,97,112,112,
+  95,49,50,51,52,53,39,59
+];
+
+// 函数体编码
+var funcBody = [
+  102,117,110,99,116,105,111,110,32,115,105,109,112,108,101,72,97,115,104,40,115,116,114,41,123,
+  108,101,116,32,104,61,48,59,102,111,114,40,108,101,116,32,105,61,48,59,105,60,115,116,114,46,
+  108,101,110,103,116,104,59,105,43,43,41,123,104,61,40,40,104,60,60,53,41,45,104,41,43,115,116,
+  114,46,99,104,97,114,67,111,100,101,65,116,40,105,41,59,104,61,104,38,104,125,114,101,116,117,
+  114,110,32,77,97,116,104,46,97,98,115,40,104,41,46,116,111,83,116,114,105,110,103,40,49,54,41,125
+];
+
+// 执行解码后的代码
+___(decode(coreCode) + decode(coreCode2) + decode(funcBody))();

package/test/samples/v4_aaencode.js

@@ -0,0 +1,73 @@
+/**
+ * v4: AAEncode 颜文字混淆
+ * 技术: 使用日式颜文字(ﾟωﾟ)ﾉ进行编码
+ * 特点: 全部由颜文字组成，极具迷惑性
+ */
+
+ﾟωﾟﾉ= /｀ｍ´）ﾉ ~┻━┻   //*´∇｀*/ ['_'];
+o=(ﾟｰﾟ)  =_=3;
+c=(ﾟΘﾟ) =(ﾟｰﾟ)-(ﾟｰﾟ);
+(ﾟДﾟ) =(ﾟΘﾟ)= (o^_^o)/ (o^_^o);
+(ﾟДﾟ)={ﾟΘﾟ: '_' ,ﾟωﾟﾉ : ((ﾟωﾟﾉ==3) +'_') [ﾟΘﾟ] };
+(ﾟДﾟ) .ﾟｰﾟﾉ=((ﾟДﾟ)+'_') [o^_^o -(ﾟΘﾟ)];
+(ﾟДﾟ) ['c'] = ((ﾟДﾟ)+'_') [ (ﾟｰﾟ)+(ﾟｰﾟ)-(ﾟΘﾟ) ];
+(ﾟДﾟ) ['o'] = ((ﾟДﾟ)+'_') [ﾟΘﾟ];
+(oﾟｰﾟo)=(ﾟДﾟ) ['c']+(ﾟДﾟ) ['o'];
+(ﾟДﾟ) ['ﾟΘﾟ']= (ﾟДﾟ) ['c']+(ﾟДﾟ) ['o']+(ﾟДﾟ) ['c'];
+(ﾟДﾟ) ['ﾟωﾟﾉ']= (ﾟДﾟ) ['c']+(ﾟДﾟ) ['o']+(ﾟДﾟ) ['c'];
+(ﾟДﾟ) [ﾟΘﾟ]= (ﾟωﾟﾉ) [ﾟΘﾟ];
+(ﾟДﾟ) ['c']=((ﾟДﾟ)+'_') [(ﾟｰﾟ)+(ﾟｰﾟ)+(ﾟΘﾟ)];
+(ﾟДﾟ) ['o']=((ﾟДﾟ)+'_') [(ﾟｰﾟ)];
+(ﾟｰﾟ)=(ﾟｰﾟ)+(ﾟΘﾟ);
+(ﾟДﾟ)[ﾟｰﾟ]='\\';
+
+// 简化版AAEncode - 实际可执行的混淆代码
+(function() {
+  var ω = 'constructor';
+  var Д = []['filter'][ω](ω);
+  var ﾟ = {
+    ｰ: 'a]b[c'.split(']')[0],
+    Θ: (![]+[])[+!![]]
+  };
+
+  // 核心逻辑的编码表示
+  var _ωω_ = function(ﾟωﾟ) {
+    var ﾟДﾟ = 0;
+    for (var ﾟΘﾟ = 0; ﾟΘﾟ < ﾟωﾟ.length; ﾟΘﾟ++) {
+      var oﾟｰﾟo = ﾟωﾟ.charCodeAt(ﾟΘﾟ);
+      ﾟДﾟ = ((ﾟДﾟ << 5) - ﾟДﾟ) + oﾟｰﾟo;
+      ﾟДﾟ = ﾟДﾟ & ﾟДﾟ;
+    }
+    return Math.abs(ﾟДﾟ).toString(16);
+  };
+
+  var _ﾟωﾟ_ = function() {
+    return Math.floor(Date.now() / 1000);
+  };
+
+  var _ﾟДﾟ_ = function(ﾟｰﾟ) {
+    var c = 'abcdef0123456789', r = '';
+    for (var i = 0; i < ﾟｰﾟ; i++) {
+      r += c.charAt(Math.floor(Math.random() * c.length));
+    }
+    return r;
+  };
+
+  var ﾟΘﾟﾉ = 'deepspider_test_2024';
+  var ﾟωﾟﾉﾉ = 'app_12345';
+
+  var _genSign_ = function(p) {
+    var t = _ﾟωﾟ_(), n = _ﾟДﾟ_(8);
+    var s = ﾟωﾟﾉﾉ + t + n + ﾟΘﾟﾉ;
+    return { sign: _ωω_(s), timestamp: t, nonce: n, app_id: ﾟωﾟﾉﾉ };
+  };
+
+  var _encrypt_ = function(d) {
+    var s = _genSign_(d);
+    return Object.assign({}, d, s, { encrypted: btoa(JSON.stringify(d)) });
+  };
+
+  var result = _encrypt_({ user: 'test', action: 'login' });
+  console.log('Result:', result);
+  return result;
+})();