js-confuser-vm 0.0.5 → 0.0.7

package/dist/transforms/runtime/specializedOpcodes.js

@@ -1,6 +1,7 @@
 import * as t from "@babel/types";
 import traverseImport from "@babel/traverse";
 import { ok } from "assert";
+import { getOpcodeToCaseMap } from "./macroOpcodes.js";
 const traverse = traverseImport.default || traverseImport;
 
 // Extract the real statement list from a SwitchCase consequent (identical to the
@@ -19,20 +20,33 @@ function extractCaseBody(switchCase) {
 // Because specialized opcodes are only created for instructions that have
 // *exactly one* numeric operand, every `_operand()` call inside the original
 // handler is replaced by the constant value that was baked into the opcode.
-function inlineFixedOperand(bodyStmts, resolvedValue) {
+function inlineFixedOperands(bodyStmts, resolvedValues) {
   // Wrap the statements in a temporary BlockStatement so traverse has a root.
   // The replacement mutates the original statement objects in place.
+  var replaced = 0;
+  function consumeOperand() {
+    const resolvedValue = resolvedValues[replaced++];
+    ok(typeof resolvedValue === "number", `Expected a numeric operand value, got ${resolvedValue}`);
+    return t.numericLiteral(resolvedValue);
+  }
   traverse(t.blockStatement(bodyStmts), {
     noScope: true,
     CallExpression(path) {
       const callee = path.node.callee;
-      if (t.isMemberExpression(callee) && t.isThisExpression(callee.object) && t.isIdentifier(callee.property, {
-        name: "_operand"
-      }) && path.node.arguments.length === 0) {
-        path.replaceWith(t.numericLiteral(resolvedValue));
+      const isMethodCall = methodName => {
+        return t.isMemberExpression(callee) && t.isThisExpression(callee.object) && t.isIdentifier(callee.property, {
+          name: methodName
+        }) && path.node.arguments.length === 0;
+      };
+      if (isMethodCall("_operand")) {
+        path.replaceWith(consumeOperand());
+      }
+      if (isMethodCall("_constant")) {
+        path.node.arguments = [consumeOperand(), consumeOperand()];
       }
     }
   });
+  ok(replaced === resolvedValues.length, `Expected to replace ${resolvedValues.length} operands, but replaced ${replaced}`);
 }
 
 // Append a generated switch case for every entry in compiler.SPECIALIZED_OPS.
@@ -40,7 +54,7 @@ function inlineFixedOperand(bodyStmts, resolvedValue) {
 // replaced by the constant integer that was captured at compile time.
 // Must be called AFTER applyMacroOpcodes (so the original cases exist) but
 // BEFORE applyShuffleOpcodes so the new specialized cases also get shuffled.
-export function applySpecializedOpcodes(ast, bytecode, compiler) {
+export function applySpecializedOpcodes(ast, compiler) {
   let switchStatement = null;
   traverse(ast, {
     SwitchStatement(path) {
@@ -53,42 +67,35 @@ export function applySpecializedOpcodes(ast, bytecode, compiler) {
   ok(switchStatement, "Could not find @SWITCH statement for specialized opcodes");
 
   // Build a map  opName → SwitchCase  from the existing OP.xxx case tests.
-  const nameToCaseMap = new Map();
-  for (const sc of switchStatement.cases) {
-    const test = sc.test;
-    if (test && t.isMemberExpression(test) && t.isIdentifier(test.object, {
-      name: "OP"
-    }) && t.isIdentifier(test.property)) {
-      nameToCaseMap.set(test.property.name, sc);
-    }
-  }
+  const opcodeToCaseMap = getOpcodeToCaseMap(switchStatement, compiler);
   if (!compiler.SPECIALIZED_OPS) return;
   for (const [specialOpStr, info] of Object.entries(compiler.SPECIALIZED_OPS)) {
     const specialOpCode = Number(specialOpStr);
     const {
       originalOp,
-      operand
+      operands
     } = info;
-    const newName = compiler.OP_NAME[specialOpCode];
+    let newName = compiler.OP_NAME[specialOpCode];
     const originalName = compiler.OP_NAME[originalOp];
-    if (!originalName) continue;
-    const originalCase = nameToCaseMap.get(originalName);
-    if (!originalCase) continue;
+    const originalCase = opcodeToCaseMap.get(originalOp);
+    ok(originalCase, `Could not find original case for opcode ${originalName} (${originalOp})`);
 
     // Clone the original handler body
     const bodyStmts = extractCaseBody(originalCase).map(s => t.cloneNode(s, true));
-    const placedOperand = info.resolvedOperand || {
-      resolvedValue: 1337
-    };
-    ok(placedOperand !== undefined, `Could not find operand for original opcode ${newName}`);
-    const resolvedValue = placedOperand?.resolvedValue ?? placedOperand;
-    if (typeof resolvedValue !== "number") {
-      console.error(resolvedValue);
+    const placedOperands = info.operands;
+    ok(placedOperands, `Could not find operand for original opcode ${newName}`);
+    const resolvedValues = placedOperands.map(placedOperand => {
+      return placedOperand?.resolvedValue ?? placedOperand;
+    });
+    if (resolvedValues.find(v => typeof v !== "number")) {
+      console.error(info);
+      throw new Error("Expected all resolved operand values to be numbers");
     }
-    ok(typeof resolvedValue === "number", "Expected a numeric operand value");
+    newName = `${originalName}_${resolvedValues.join("_")}`;
+    compiler.OP_NAME[specialOpCode] = newName;
 
     // Replace this._operand() with the baked-in constant
-    inlineFixedOperand(bodyStmts, resolvedValue);
+    inlineFixedOperands(bodyStmts, resolvedValues);
 
     // Add a leading comment so the generated source stays readable
     if (bodyStmts.length > 0) {

package/dist/utils/op-utils.js

@@ -0,0 +1,36 @@
+import { getRandomInt } from "./random-utils.js";
+export const U16_MAX = 0xffff; // bytecode operands are u16
+
+/** Returns the next free opcode slot, or -1 when the space is exhausted. */
+export function nextFreeSlot(compiler) {
+  // ── Collect used opcodes exactly as specified ─────────────────────────────
+  const usedOpcodes = new Set(Object.keys(compiler.OP_NAME).map(k => parseInt(k, 10)).filter(v => !isNaN(v)));
+  if (usedOpcodes.size > U16_MAX) return -1;
+
+  // Random opcode
+  if (compiler.options.randomizeOpcodes) {
+    let attempts = 0;
+    while (attempts++ < 512) {
+      const candidate = getRandomInt(0, U16_MAX);
+      if (!usedOpcodes.has(candidate)) {
+        usedOpcodes.add(candidate);
+        return candidate;
+      }
+    }
+  }
+
+  // Fallback: linear scan from a random start
+  const start = Object.keys(compiler.OP_NAME).length;
+  for (let i = 0; i <= U16_MAX; i++) {
+    const v = start + i & U16_MAX;
+    if (!usedOpcodes.has(v)) {
+      usedOpcodes.add(v);
+      return v;
+    }
+  }
+  return -1;
+}
+export function getInstructionSize(instr) {
+  const size = instr.filter(op => op?.placeholder !== true).length;
+  return size;
+}

package/dist/utils/random-utils.js

@@ -0,0 +1,27 @@
+import { ok } from "assert";
+export function getPlaceholder() {
+  return Math.random().toString(36).substring(2, 15);
+}
+export function choice(elements) {
+  ok(elements.length > 0, "choice() called on empty sequence");
+  return elements[Math.floor(Math.random() * elements.length)];
+}
+export function getRandom() {
+  return Math.random();
+}
+export function getRandomInt(min, max) {
+  ok(min <= max, "min must be <= max");
+  return Math.floor(Math.random() * (max - min + 1)) + min;
+}
+
+/**
+ * Shuffles an array in-place using the Fisher-Yates algorithm.
+ * @param array - The array to shuffle (mutated)
+ */
+export function shuffle(array) {
+  for (let i = array.length - 1; i > 0; i--) {
+    const j = Math.floor(Math.random() * (i + 1));
+    [array[i], array[j]] = [array[j], array[i]];
+  }
+  return array;
+}

package/index.ts

@@ -9,14 +9,17 @@ async function main() {
 
   const { code: output } = await JsConfuserVM.obfuscate(sourceCode, {
     target: "browser", // or "node"
-    // randomizeOpcodes: true, // randomize the opcode numbers?
-    // shuffleOpcodes: true, // shuffle order of opcode handlers in the runtime?
-    // encodeBytecode: true, // encode bytecode? when off, comments for instructions are added
-    // selfModifying: true, // do self-modifying bytecode for function bodies?
-    // macroOpcodes: true, // create combined opcodes for repeated instruction sequences?
-    // specializedOpcodes: true, // create specialized opcodes for commonly used opcode+operand pairs?
-    // timingChecks: true, // add timing checks to detect debuggers?
-    // minify: true, // pass final output through Google Closure Compiler? (
+    randomizeOpcodes: true, // randomize the opcode numbers?
+    shuffleOpcodes: true, // shuffle order of opcode handlers in the runtime?
+    encodeBytecode: true, // encode the bytecode array?
+    concealConstants: true, // conceal strings and integers in the constant pool?
+    selfModifying: true, // do self-modifying bytecode for function bodies?
+    macroOpcodes: true, // create combined opcodes for repeated instruction sequences?
+    microOpcodes: true, // break opcodes into sub-opcodes?
+    specializedOpcodes: true, // create specialized opcodes for commonly used opcode+operand pairs?
+    aliasedOpcodes: true, // create duplicate opcodes for commonly used opcodes?
+    timingChecks: true, // add timing checks to detect debuggers?
+    minify: true, // pass final output through Google Closure Compiler? (Renames VM class properties)
   });
 
   writeFileSync("output.original.js", orginalOutput, "utf-8");

package/jest.config.js

@@ -6,10 +6,19 @@ const OPTIONS_MATRIX = [
   { displayName: "selfModifying", VM_OPTIONS: { selfModifying: true } },
   { displayName: "timingChecks", VM_OPTIONS: { timingChecks: true } },
   { displayName: "macroOpcodes", VM_OPTIONS: { macroOpcodes: true } },
+  { displayName: "microOpcodes", VM_OPTIONS: { microOpcodes: true } },
   {
     displayName: "specializedOpcodes",
     VM_OPTIONS: { specializedOpcodes: true },
   },
+  {
+    displayName: "aliasedOpcodes",
+    VM_OPTIONS: { aliasedOpcodes: true },
+  },
+  {
+    displayName: "concealConstants",
+    VM_OPTIONS: { concealConstants: true },
+  },
   {
     displayName: "all",
     VM_OPTIONS: {
@@ -19,7 +28,10 @@ const OPTIONS_MATRIX = [
       selfModifying: true,
       timingChecks: true,
       macroOpcodes: true,
+      microOpcodes: true,
       specializedOpcodes: true,
+      aliasedOpcodes: true,
+      concealConstants: true,
     },
   },
 ];

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "js-confuser-vm",
-  "version": "0.0.5",
+  "version": "0.0.7",
   "main": "dist/index.js",
   "scripts": {
     "build": "babel src --out-dir dist --extensions \".ts,.js\"",

package/src/build-runtime.ts

@@ -1,19 +1,23 @@
 import { generate } from "@babel/generator";
-import { parse, type ParseResult } from "@babel/parser";
+import { parse } from "@babel/parser";
 import type * as t from "@babel/types";
 import type { Options } from "./options.ts";
 import { applyMacroOpcodes } from "./transforms/runtime/macroOpcodes.ts";
+import { applyMicroOpcodes } from "./transforms/runtime/microOpcodes.ts";
+import { applyInteralVariablesToRuntime } from "./transforms/runtime/internalVariables.ts";
 import { applyShuffleOpcodes } from "./transforms/runtime/shuffleOpcodes.ts";
 import { applyMinify } from "./transforms/runtime/minify.ts";
 import { Compiler } from "./compiler.ts";
 import { applySpecializedOpcodes } from "./transforms/runtime/specializedOpcodes.ts";
+import { applyAliasedOpcodes } from "./transforms/runtime/aliasedOpcodes.ts";
 import type * as b from "./types.ts";
 
 export async function obfuscateRuntime(
   runtime: string,
   bytecode: b.Bytecode,
   options: Options,
-  compiler?: Compiler,
+  compiler: Compiler,
+  generateBytecodeComment,
 ) {
   let ast: t.File;
   try {
@@ -22,9 +26,18 @@ export async function obfuscateRuntime(
     throw new Error("VM-Runtime final parsing failed", { cause: error });
   }
 
-  // Macro opcode cases must be applied BEFORE shuffleOpcodes
+  // Specialized opcode cases must be applied BEFORE shuffleOpcodes
   if (options.specializedOpcodes) {
-    applySpecializedOpcodes(ast, bytecode, compiler);
+    applySpecializedOpcodes(ast, compiler);
+  }
+
+  if (options.microOpcodes) {
+    applyInteralVariablesToRuntime(ast, compiler);
+  }
+
+  // Micro opcode cases must be applied BEFORE shuffleOpcodes
+  if (options.microOpcodes && Object.keys(compiler.MICRO_OPS).length > 0) {
+    applyMicroOpcodes(ast, compiler);
   }
 
   // Macro opcode cases must be applied BEFORE shuffleOpcodes
@@ -32,6 +45,11 @@ export async function obfuscateRuntime(
     applyMacroOpcodes(ast, compiler);
   }
 
+  // Aliased opcode cases must be applied BEFORE shuffleOpcodes
+  if (options.aliasedOpcodes) {
+    applyAliasedOpcodes(ast, compiler);
+  }
+
   // Shuffle opcode handle order
   if (options.shuffleOpcodes) {
     applyShuffleOpcodes(ast);
@@ -44,6 +62,9 @@ export async function obfuscateRuntime(
     throw new Error("VM-Runtime final generation failed", { cause: error });
   }
 
+  // Add comment here for more accurate opcode names
+  generated = generateBytecodeComment() + "\n" + generated;
+
   // Minify code?
   if (options.minify) {
     try {